CVE-2025-4355 – Tenda DAP-1520 Heap-Based Buffer Overflow Vulnerability

May 6, 2025

CVE ID : CVE-2025-4355

Published : May 6, 2025, 1:15 p.m. | 1 hour, 44 minutes ago

Description : A vulnerability was found in Tenda DAP-1520 1.10B04_BETA02. It has been classified as critical. This affects the function set_ws_action of the file /dws/api/. The manipulation leads to heap-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

Severity: 8.8 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-4354 – Tenda DAP-1520 Stack-Based Buffer Overflow Vulnerability

Next Article CVE-2025-4353 – Golden Link Secondary System SQL Injection Vulnerability

Highlights

CVE-2025-53110 – Filesystem Model Context Protocol Servers Directory Traversal Vulnerability

July 2, 2025

CVE ID : CVE-2025-53110

Published : July 2, 2025, 3:15 p.m. | 4 hours, 27 minutes ago

Description : Model Context Protocol Servers is a collection of reference implementations for the model context protocol (MCP). Versions of Filesystem prior to 0.6.4 or 2025.7.01 could allow access to unintended files in cases where the prefix matches an allowed directory. Users are advised to upgrade to 0.6.4 or 2025.7.01 resolve.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Elastic simplifies log analytics for SREs and developers with launch of Log Essentials

OpenAI launches GPT-5

Melissa brings its data quality solutions to Azure with new SSIS integration

Automating Design Systems: Tips And Resources For Getting Started

This $180 mini projector has no business being this good for the price

GPT-5 is finally here, and you can access it for free today – no subscription needed

Changing this Android setting instantly doubled my phone speed (Samsung and Google models included)

ChatGPT can now talk nerdy to you – plus more personalities and other upgrades beyond GPT-5

Advanced Application Architecture through Laravel’s Service Container Management

Advanced Application Architecture through Laravel’s Service Container Management

Switch Between Personas in Laravel With the MultiPersona Package

AI-Driven Smart Tagging and Metadata in AEM Assets

Bill Gates on AI’s Impact: ‘Be Curious, Read, and Use the Latest Tools’

Bill Gates on AI’s Impact: ‘Be Curious, Read, and Use the Latest Tools’

Halo Infinite’s Fall Update: New Features and Modes to Revive the Game?

Forza Motorsport’s Future in Jeopardy: Fans Demand Clarity from Microsoft

CVE-2025-4355 – Tenda DAP-1520 Heap-Based Buffer Overflow Vulnerability

Microsoft to Pull Plug on Shared EWS Access in Hybrid Exchange by October

Google Confirms Salesforce Database Breach by ShinyHunters Group

How Inclusive Design Leading and Creating Solutions for Universal Design

Leveraging Credentials As Unique Identifiers: A Pragmatic Approach To NHI Inventories

The impact of gray work on software development

October is the Cyber Security Month: stats, events and advice

CVE-2025-53110 – Filesystem Model Context Protocol Servers Directory Traversal Vulnerability

CVE-2025-46716 – Sandboxie Kernel Pointer Read Vulnerability

Visual Studio Code now supports Baseline

CVE-2023-53138 – Cisco CAIF Use-After-Free Vulnerability

CVE-2025-4355 – Tenda DAP-1520 Heap-Based Buffer Overflow Vulnerability

Related Posts