{"id":59466,"date":"2025-07-18T10:49:00","date_gmt":"2025-07-18T10:49:00","guid":{"rendered":""},"modified":"2025-09-08T17:18:43","modified_gmt":"2025-09-08T23:18:43","slug":"cve-2025-7463-critical-buffer-overflow-vulnerability-in-tenda-fh1201-1-2-0-14","status":"publish","type":"post","link":"https:\/\/www.ameeba.com\/blog\/cve-2025-7463-critical-buffer-overflow-vulnerability-in-tenda-fh1201-1-2-0-14\/","title":{"rendered":"CVE-2025-7463: Critical Buffer Overflow Vulnerability in Tenda FH1201 1.2.0.14<\/strong>"},"content":{"rendered":"

Overview<\/strong><\/p>\n

The cybersecurity landscape is continually evolving, and new vulnerabilities are discovered every day. One such critical vulnerability, CVE-2025-7463, has been found in the Tenda FH1201 1.2.0.14. This vulnerability affects the HTTP POST Request<\/a> Handler in the function formWrlsafeset of the file \/goform\/AdvSetWrlsafeset. The manipulation of the argument mit_ssid can lead to a buffer overflow<\/a>, posing severe threats to the security of the system.
\nThe vulnerability is of significant concern as it can be exploited remotely, suggesting that any malicious actor with knowledge of this exploit can compromise the system<\/a>. Its disclosure to the public further increases the risk of exploitation, making it paramount for users to understand and apply the necessary mitigation steps.<\/p>\n

Vulnerability Summary<\/strong><\/p>\n

CVE ID: CVE-2025-7463
\nSeverity: Critical (8.8 CVSS score)
\nAttack Vector: Network
\nPrivileges Required: None
\nUser Interaction: None
\nImpact: Potential system<\/a> compromise or data leakage<\/p>\n

Affected Products<\/strong><\/p>

\r\n

\r\n \r\n \"Ameeba\r\n <\/a>\r\n A new way to communicate\r\n <\/h2>\r\n\r\n

\r\n Ameeba Chat is built on encrypted identity, not personal profiles.\r\n <\/p>\r\n\r\n

\r\n Message, call, share files, and coordinate with identities kept separate.\r\n <\/p>\r\n\r\n