Skip to main content

CVE-2025-7529: Stack-based Buffer Overflow in Tenda FH1202

High
VulnerabilityCVE-2025-7529cvecve-2025-7529
Published: Sun Jul 13 2025 (07/13/2025, 12:02:06 UTC)
Source: CVE Database V5
Vendor/Project: Tenda
Product: FH1202

Description

A vulnerability classified as critical was found in Tenda FH1202 1.2.0.14(408). Affected by this vulnerability is the function fromNatlimit of the file /goform/Natlimit. The manipulation of the argument page leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.

AI-Powered Analysis

AILast updated: 07/20/2025, 21:03:30 UTC

Technical Analysis

CVE-2025-7529 is a critical stack-based buffer overflow vulnerability identified in the Tenda FH1202 router, specifically affecting firmware version 1.2.0.14(408). The flaw resides in the 'fromNatlimit' function within the /goform/Natlimit endpoint. This function improperly handles the 'page' argument, allowing an attacker to craft a malicious request that overflows the stack buffer. Because the vulnerability is remotely exploitable without authentication or user interaction, an attacker can send specially crafted network packets to the vulnerable router to trigger the overflow. This can lead to arbitrary code execution, potentially allowing full control over the device. The CVSS 4.0 base score is 8.7 (high severity), reflecting the network attack vector, low attack complexity, no privileges or user interaction required, and high impact on confidentiality, integrity, and availability. Although no public exploits are currently known in the wild, the vulnerability details have been disclosed publicly, increasing the risk of exploitation. The absence of an official patch at the time of disclosure further exacerbates the threat. Given that the Tenda FH1202 is a consumer-grade router commonly used in home and small office environments, exploitation could allow attackers to intercept, manipulate, or disrupt network traffic, launch further attacks on connected devices, or incorporate the router into botnets or other malicious infrastructures.

Potential Impact

For European organizations, especially small businesses and home offices relying on Tenda FH1202 routers, this vulnerability poses a significant risk. Successful exploitation could lead to unauthorized network access, data interception, and disruption of internet connectivity, impacting business operations and data confidentiality. In sectors handling sensitive or regulated data, such as finance, healthcare, or legal services, compromised routers could serve as entry points for broader network intrusions or data breaches. Additionally, compromised routers could be leveraged for launching distributed denial-of-service (DDoS) attacks or other malicious activities, potentially implicating the victim organization. The widespread use of consumer-grade routers in remote work setups across Europe further increases exposure, especially where IT management and patching practices are limited. The lack of a patch at disclosure heightens urgency for mitigation to prevent exploitation.

Mitigation Recommendations

1. Immediate mitigation should include isolating the vulnerable Tenda FH1202 devices from critical network segments to limit potential damage. 2. Network administrators should implement strict firewall rules to restrict inbound access to router management interfaces, especially blocking access to the /goform/Natlimit endpoint from untrusted networks. 3. Employ network intrusion detection/prevention systems (IDS/IPS) with updated signatures to detect anomalous traffic patterns targeting this vulnerability. 4. Monitor network traffic for unusual activity or signs of exploitation attempts, such as unexpected requests to the vulnerable endpoint. 5. Where possible, replace affected Tenda FH1202 routers with devices from vendors that provide timely security updates and have a strong security track record. 6. Regularly check for firmware updates from Tenda and apply patches immediately once available. 7. Educate users and IT staff about the risks of using outdated consumer-grade network equipment and encourage best practices for network segmentation and device hardening. 8. Consider deploying network-level protections such as VPNs and secure DNS to reduce exposure of vulnerable devices to the internet.

Need more detailed analysis?Get Pro

Technical Details

Data Version
5.1
Assigner Short Name
VulDB
Date Reserved
2025-07-12T11:28:36.206Z
Cvss Version
4.0
State
PUBLISHED

Threat ID: 6873a384a83201eaacba962d

Added to database: 7/13/2025, 12:16:04 PM

Last enriched: 7/20/2025, 9:03:30 PM

Last updated: 8/22/2025, 8:04:01 AM

Views: 35

Actions

PRO

Updates to AI analysis are available only with a Pro account. Contact root@offseq.com for access.

Please log in to the Console to use AI analysis features.

Need enhanced features?

Contact root@offseq.com for Pro access with improved analysis and higher rate limits.

Latest Threats