CVE-2025-7463

🗓️ 12 Jul 2025 06:02:06Reported by VulDBType

cve🔗 web.nvd.nist.gov📰️ 2 Media mentions👁 17 Views🌐 WEB

Critical vulnerability in Tenda FH1201 allowing remote buffer overflow via HTTP POST request.

Reporter	Title	Published	Views	Family All 9
CNNVD	Tenda FH1201 安全漏洞	12 Jul 202500:00	–	cnnvd
CNVD	Tenda FH1201 Buffer Overflow Vulnerability (CNVD-2025-16633)	18 Jul 202500:00	–	cnvd
Cvelist	CVE-2025-7463 Tenda FH1201 HTTP POST Request AdvSetWrlsafeset formWrlsafeset buffer overflow	12 Jul 202506:02	–	cvelist
EUVD	EUVD-2025-21204	3 Oct 202520:07	–	euvd
NVD	CVE-2025-7463	12 Jul 202506:15	–	nvd
OSV	CVE-2025-7463	12 Jul 202506:15	–	osv
Positive Technologies	PT-2025-29307 · Tenda · Tenda Fh1201	6 Jul 202500:00	–	ptsecurity
RedhatCVE	CVE-2025-7463	14 Jul 202506:17	–	redhatcve
Vulnrichment	CVE-2025-7463 Tenda FH1201 HTTP POST Request AdvSetWrlsafeset formWrlsafeset buffer overflow	12 Jul 202506:02	–	vulnrichment

NVD

Vulners

Node

tenda fh1201_firmwareMatch1.2.0.14

AND

tenda fh1201Match-

[
  {
    "vendor": "Tenda",
    "product": "FH1201",
    "versions": [
      {
        "version": "1.2.0.14",
        "status": "affected"
      }
    ],
    "modules": [
      "HTTP POST Request Handler"
    ]
  }
]

Source	Link
candle-throne-f75	www.candle-throne-f75.notion.site/Tenda-FH1201-formWrlsafeset-228df0aa118580a3b0dcd29972efbf0e
vuldb	www.vuldb.com/
vuldb	www.vuldb.com/
vuldb	www.vuldb.com/
tenda	www.tenda.com.cn/

Parameter	Position	Path	Description	CWE
mit_ssid	request body	/goform/AdvSetWrlsafeset	Buffer overflow vulnerability in formWrlsafeset handling of mit_ssid parameter allowing remote exploit.	CWE-119, CWE-120

15 Jul 2025 18:09Current

7.3High risk

Vulners AI Score7.3

CVSS 48.7

CVSS 3.18.8

CVSS 29

CVSS 38.8

EPSS0.01103

SSVC