Skip to main content

CVE-2025-45513: n/a in n/a

Critical
VulnerabilityCVE-2025-45513cvecve-2025-45513
Published: Fri May 09 2025 (05/09/2025, 00:00:00 UTC)
Source: CVE
Vendor/Project: n/a
Product: n/a

Description

Tenda FH451 V1.0.0.9 has a stack overflow vulnerability in the function.P2pListFilter.

AI-Powered Analysis

AILast updated: 07/04/2025, 23:25:27 UTC

Technical Analysis

CVE-2025-45513 is a critical stack overflow vulnerability identified in the Tenda FH451 router firmware version 1.0.0.9. The vulnerability resides in the function P2pListFilter, which is likely involved in processing peer-to-peer network filtering or device discovery features. A stack overflow occurs when more data is written to a buffer located on the stack than it can hold, which can overwrite adjacent memory and lead to arbitrary code execution, denial of service, or system compromise. Given the CVSS 3.1 base score of 9.8, this vulnerability is remotely exploitable over the network (AV:N), requires no privileges (PR:N), and no user interaction (UI:N), making it highly dangerous. The impact includes full confidentiality, integrity, and availability compromise (C:H/I:H/A:H). The vulnerability is classified under CWE-121 (Stack-based Buffer Overflow), a common and severe class of memory corruption bugs. Although no known exploits are reported in the wild yet, the ease of exploitation and critical impact make this a high-priority issue. The lack of vendor or product details beyond the Tenda FH451 model and firmware version suggests limited public information, but the vulnerability's nature implies that attackers could execute arbitrary code remotely, potentially taking full control of affected devices. This could allow attackers to intercept or manipulate network traffic, pivot into internal networks, or disrupt network availability.

Potential Impact

For European organizations, the impact of this vulnerability could be significant, especially for those using Tenda FH451 routers in their network infrastructure. Compromise of these devices could lead to unauthorized access to sensitive internal networks, interception of confidential communications, and disruption of business operations due to denial of service or device takeover. Small and medium enterprises (SMEs) and home offices, which often rely on consumer-grade routers like Tenda, are particularly at risk. Critical sectors such as finance, healthcare, and government agencies could face data breaches or operational disruptions if these devices are present in their network perimeter. Additionally, compromised routers could be leveraged as entry points for broader attacks or as part of botnets for distributed denial of service (DDoS) campaigns targeting European infrastructure. Given the remote and unauthenticated nature of the exploit, attackers can launch attacks at scale without requiring user interaction, increasing the threat surface.

Mitigation Recommendations

1. Immediate identification and inventory of all Tenda FH451 routers within the organization’s network is essential. 2. Since no patch links are currently available, organizations should monitor Tenda’s official channels and trusted vulnerability databases for firmware updates addressing this vulnerability. 3. In the interim, restrict network exposure of affected devices by limiting remote management access and isolating these routers from critical network segments. 4. Employ network intrusion detection systems (NIDS) to monitor for anomalous traffic patterns or exploitation attempts targeting the P2pListFilter function or related services. 5. Implement strict firewall rules to block unsolicited inbound traffic to router management interfaces. 6. Consider replacing vulnerable devices with models from vendors with a strong security track record if patches are delayed. 7. Educate IT staff about the vulnerability and ensure incident response plans include steps to handle potential exploitation. 8. Regularly review router logs for signs of compromise and conduct penetration testing focused on router security.

Need more detailed analysis?Get Pro

Technical Details

Data Version
5.1
Assigner Short Name
mitre
Date Reserved
2025-04-22T00:00:00.000Z
Cisa Enriched
true
Cvss Version
3.1
State
PUBLISHED

Threat ID: 682d9817c4522896dcbd72b7

Added to database: 5/21/2025, 9:08:39 AM

Last enriched: 7/4/2025, 11:25:27 PM

Last updated: 8/8/2025, 5:36:17 PM

Views: 13

Actions

PRO

Updates to AI analysis are available only with a Pro account. Contact root@offseq.com for access.

Please log in to the Console to use AI analysis features.

Need enhanced features?

Contact root@offseq.com for Pro access with improved analysis and higher rate limits.

Latest Threats