CVE-2025-7747

CWE-119 — Buffer Overflow CWE-120 — Classic Buffer Overflow4 documents4 sources

Severity

7.4HIGH

EPSS

0.3%

top 47.60%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Tenda Fh451 Tenda Fh451 Firmware

Timeline

PublishedJul 17

Description

A vulnerability classified as critical has been found in Tenda FH451 1.0.0.9. This affects the function fromWizardHandle of the file /goform/WizardHandle of the component POST Request Handler. The manipulation of the argument PPW leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Affected Packages2 packages

▶CVEListV5tenda/fh4511.0.0.9

▶NVDtenda/fh451_firmware1.0.0.9

🔴Vulnerability Details

CVEList

Tenda FH451 POST Request WizardHandle fromWizardHandle buffer overflow↗2025-07-17

▶

GHSA

GHSA-422g-xm87-cghv: A vulnerability classified as critical has been found in Tenda FH451 1↗2025-07-17

▶

📋Vendor Advisories

Microsoft

Buffer overflow in the afReadFrames function in audiofile (aka libaudiofile and Audio File Library) allows user-assisted remote attackers to cause a denial of service (program crash) or possibly execu↗2020-02-11

▶