CVE-2025-7550 is a critical stack-based buffer overflow vulnerability identified in the Tenda FH1201 router, specifically in version 1.2.0.14(408). The vulnerability exists in the function fromGstDhcpSetSer within the /goform/GstDhcpSetSer file. The flaw arises due to improper handling and manipulation of the 'dips' argument, which leads to a stack-based buffer overflow condition. This type of vulnerability allows an attacker to overwrite the stack memory, potentially enabling arbitrary code execution or causing denial of service. The vulnerability is remotely exploitable without requiring user interaction or authentication, as indicated by the CVSS vector (AV:N/AC:L/AT:N/UI:N/PR:L). The CVSS score of 8.7 (high severity) reflects the significant impact on confidentiality, integrity, and availability, with high exploitability and no user interaction needed. Although no known exploits are currently observed in the wild, the public disclosure of the exploit code increases the risk of active exploitation. The vulnerability affects a widely used consumer-grade router model, which is often deployed in home and small office environments, making it a critical target for attackers aiming to compromise network infrastructure or pivot into internal networks.

For European organizations, this vulnerability poses a substantial risk, especially for small and medium enterprises (SMEs) and home office setups that utilize Tenda FH1201 routers. Exploitation could lead to unauthorized remote code execution, allowing attackers to gain control over the router, intercept or manipulate network traffic, and potentially launch further attacks within the internal network. This could result in data breaches, disruption of business operations, and compromise of sensitive information. Given the router's role as a network gateway, successful exploitation could undermine network integrity and availability, impacting business continuity. Additionally, the lack of authentication requirement and remote exploitability increases the threat surface, making it easier for attackers to target vulnerable devices across Europe. The public availability of exploit code further elevates the risk of widespread attacks, including automated scanning and exploitation campaigns targeting vulnerable Tenda FH1201 devices.

To mitigate this vulnerability effectively, European organizations should: 1) Immediately identify and inventory all Tenda FH1201 routers running the affected firmware version 1.2.0.14(408). 2) Apply any available firmware updates or patches from Tenda as soon as they are released; if no patch is currently available, contact Tenda support for guidance or consider temporary mitigations. 3) Restrict remote management access to the router by disabling WAN-side administration interfaces or limiting access via firewall rules to trusted IP addresses only. 4) Implement network segmentation to isolate vulnerable routers from critical internal systems, reducing the potential impact of compromise. 5) Monitor network traffic for unusual activity indicative of exploitation attempts, such as unexpected connections or anomalous DHCP-related requests. 6) Consider replacing affected devices with models from vendors with a stronger security track record if patches are not forthcoming. 7) Educate users and administrators about the risks and signs of exploitation to enable rapid detection and response.