CVE-2025-7855 – Tenda FH451 Stack-Based Buffer Overflow Vulnerability

July 19, 2025

CVE ID : CVE-2025-7855

Published : July 19, 2025, 9:15 p.m. | 2 hours, 29 minutes ago

Description : A vulnerability classified as critical was found in Tenda FH451 1.0.0.9. Affected by this vulnerability is the function fromqossetting of the file /goform/qossetting. The manipulation of the argument page leads to stack-based buffer overflow. The attack can be launched remotely.

Severity: 8.8 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-7854 – Tenda FH451 Stack-Based Buffer Overflow Vulnerability

Next Article CVE-2025-7853 – Tenda FH451 Stack-Based Buffer Overflow Vulnerability

Highlights

CVE-2025-4473 – WordPress Frontend Dashboard Plugin Privilege Escalation Vulnerability

May 13, 2025

CVE ID : CVE-2025-4473

Published : May 13, 2025, 7:15 a.m. | 1 hour, 23 minutes ago

Description : The Frontend Dashboard plugin for WordPress is vulnerable to Privilege Escalation due to a missing capability check on the ajax_request() function in versions 1.0 to 2.2.7. This makes it possible for authenticated attackers, with Subscriber-level access and above, to control where the plugin sends outgoing emails. By pointing SMTP to their own server, attackers could capture password reset emails intended for administrators, and elevate their privileges for full site takeover.

Severity: 8.8 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

In-House vs. Outsource Node.js Development Teams: 9 Key Differences for the C-Suite (2025)

Why Non-Native Content Designers Improve Global UX

DevOps won’t scale without platform engineering and here’s why your teams are still stuck

This week in AI dev tools: Slack’s enterprise search, Claude Code’s analytics dashboard, and more (July 18, 2025)

DistroWatch Weekly, Issue 1131

I ditched my Bluetooth speakers for this slick turntable – and it’s more practical than I thought

This split keyboard offers deep customization – if you’re willing to go all in

I spoke with an AI version of myself, thanks to Hume’s free tool – how to try it

The details of TC39’s last meeting

The details of TC39’s last meeting

Simple wrapper for Chrome’s built-in local LLM (Gemini Nano)

Online Examination System using PHP and MySQL

Windows 11 tests “shared audio” to play music via multiple devices, new taskbar animations

Windows 11 tests “shared audio” to play music via multiple devices, new taskbar animations

WhatsApp for Windows 11 is switching back to Chromium web wrapper from UWP/native

DistroWatch Weekly, Issue 1131

CVE-2025-7855 – Tenda FH451 Stack-Based Buffer Overflow Vulnerability

Critical mcp-remote Vulnerability Enables Remote Code Execution, Impacting 437,000+ Downloads

CISA Adds Citrix NetScaler CVE-2025-5777 to KEV Catalog as Active Exploits Target Enterprises

It almost pains me to say it, but Microsoft Edge is great on Linux – you should try it

CVE-2025-4533 – JeecgBoot Document Library Upload Remote Resource Consumption Vulnerability

CVE-2025-5353 – Ivanti Workspace Control SQL Credential Decryption Vulnerability

CVE-2025-47683 – Florent Maillefaud WP Maintenance Object Injection Vulnerability

CVE-2025-4473 – WordPress Frontend Dashboard Plugin Privilege Escalation Vulnerability

Handle Fluent Values as Arrays with Laravel’s array() Method

SonicWall SMA Devices Under Attack: UNC6148 Deploys OVERSTEP Rootkit for Persistent Access

Zyxel Patches Privilege Management Vulnerabilities in USG FLEX H Series Firewalls

CVE-2025-7855 – Tenda FH451 Stack-Based Buffer Overflow Vulnerability

Related Posts