CVE-2025-6112 – Tenda FH1205 Buffer Overflow Vulnerability

June 16, 2025

CVE ID : CVE-2025-6112

Published : June 16, 2025, 8:15 a.m. | 29 minutes ago

Description : A vulnerability, which was classified as critical, has been found in Tenda FH1205 2.0.0.7. This issue affects the function fromadvsetlanip of the file /goform/AdvSetLanip. The manipulation of the argument lanMask leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

Severity: 8.8 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-2091 – M-Files Open Redirection Vulnerability

Next Article CVE-2025-6113 – Tenda FH1203 Buffer Overflow Vulnerability

Highlights

CVE-2025-35006 – Microhard BulletLTE-NA2 and IPn4Gii-NA2 Command Injection Vulnerability

June 8, 2025

CVE ID : CVE-2025-35006

Published : June 8, 2025, 9:15 p.m. | 38 minutes ago

Description : Products that incorporate the Microhard BulletLTE-NA2 and IPn4Gii-NA2 are vulnerable to a post-authentication command injection issue in the AT+MFPORTFWD command that can lead to privilege escalation. This is an instance of CWE-88, “Improper Neutralization of Argument Delimiters in a Command (‘Argument Injection’),” and is estimated as a CVSS 7.1 (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N). This issue has not been generally fixed at the time of this CVE record’s first publishing.

Severity: 7.1 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CodeSOD: Functionally, a Date

Creating Elastic And Bounce Effects With Expressive Animator

Microsoft shares Insiders preview of Visual Studio 2026

From Data To Decisions: UX Strategies For Real-Time Dashboards

DistroWatch Weekly, Issue 1139

Building personal apps with open source and AI

What Can We Actually Do With corner-shape?

Craft, Clarity, and Care: The Story and Work of Mengchu Yao

Can I use React Server Components (RSCs) today?

Can I use React Server Components (RSCs) today?

Perficient Named among Notable Providers in Forrester’s Q3 2025 Commerce Services Landscape

Sarah McDowell Helps Clients Build a Strong AI Foundation Through Salesforce

I Ran Local LLMs on My Android Phone

I Ran Local LLMs on My Android Phone

DistroWatch Weekly, Issue 1139

sudo vs sudo-rs: What You Need to Know About the Rust Takeover of Classic Sudo Command

CVE-2025-6112 – Tenda FH1205 Buffer Overflow Vulnerability

Cursor AI Code Editor Flaw Enables Silent Code Execution via Malicious Repositories

Introducing HybridPetya: Petya/NotPetya copycat with UEFI Secure Boot bypass

The Micro-Frontend Architecture Handbook

CVE-2025-38231 – Linux Kernel NFSd NULL Pointer Dereference Vulnerability

CVE-2025-49861 – Kama Click Counter Cross-site Scripting Vulnerability

I wore Whoop’s latest health tracker – it gave me the best of Oura Ring, Apple Watch, and more

CVE-2025-35006 – Microhard BulletLTE-NA2 and IPn4Gii-NA2 Command Injection Vulnerability

CVE-2025-4717 – PHPGurukul Company Visitor Management System SQL Injection Vulnerability

Latest Harness IDP update better supports developer portals at scale

CVE-2024-49835 – Apple Safari Heap Overflow

CVE-2025-6112 – Tenda FH1205 Buffer Overflow Vulnerability

Related Posts