A vulnerability classified as critical has been found in Tenda FH451 1.0.0.9. Affected is the function frmL7ProtForm of the file /goform/L7Prot of the component HTTP POST Request Handler. The manipulation of the argument page leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
2025-07-12T23:15:21.480
2025-07-15T17:50:57.793
Analyzed
CVSSv3.1: 8.8 (HIGH)
AV:N/AC:L/Au:S/C:C/I:C/A:C
8.0
10.0
Type | Vendor | Product | Version/Range | Vulnerable? |
---|---|---|---|---|
Operating System | tenda | fh451_firmware | 1.0.0.9 | Yes |
Hardware | tenda | fh451 | - | No |