CVE-2025-7747 – Tenda POST Request Handler Buffer Overflow Vulnerability

July 17, 2025

CVE ID : CVE-2025-7747

Published : July 17, 2025, 6:15 p.m. | 21 minutes ago

Description : A vulnerability classified as critical has been found in Tenda FH451 1.0.0.9. This affects the function fromWizardHandle of the file /goform/WizardHandle of the component POST Request Handler. The manipulation of the argument PPW leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

Severity: 8.8 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-7749 – Code-projects Online Appointment Booking System SQL Injection Vulnerability

Next Article CVE-2025-7748 – ZCMS Cross Site Scripting (XSS) Vulnerability in Create Article Page

Highlights

CVE-2025-34049 – OptiLink ONT1GEW Command Injection

June 26, 2025

CVE ID : CVE-2025-34049

Published : June 26, 2025, 4:15 p.m. | 51 minutes ago

Description : An OS command injection vulnerability exists in the OptiLink ONT1GEW GPON router firmware version V2.1.11_X101 Build 1127.190306 and earlier. The router’s web management interface fails to properly sanitize user input in the target_addr parameter of the formTracert and formPing administrative endpoints. An authenticated attacker can inject arbitrary operating system commands, which are executed with root privileges, leading to remote code execution. Successful exploitation enables full compromise of the device.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

A Breeze Of Inspiration In September (2025 Wallpapers Edition)

10 Top Generative AI Development Companies for Enterprise Node.js Projects

Prompting Is A Design Act: How To Brief, Guide And Iterate With AI

Best React.js Development Services in 2025: Features, Benefits & What to Look For

Report: Samsung’s tri-fold phone, XR headset, and AI smart glasses to be revealed at Sep 29 Unpacked event

Are smart glasses with built-in hearing aids viable? My verdict after months of testing

These 7 smart plug hacks that saved me time, money, and energy (and how I set them up)

Amazon will sell you the iPhone 16 Pro for $250 off right now – how the deal works

Fake News Detection using Python Machine Learning (ML)

Fake News Detection using Python Machine Learning (ML)

Common FP – A New JS Utility Lib

Call for Speakers – JS Conf Armenia 2025

Chrome on Windows 11 FINALLY Gets Touch Drag and Drop, Matching Native Apps

Chrome on Windows 11 FINALLY Gets Touch Drag and Drop, Matching Native Apps

Fox Sports not Working: 7 Quick Fixes to Stream Again

Capital One Zelle not Working: 7 Fast Fixes

CVE-2025-7747 – Tenda POST Request Handler Buffer Overflow Vulnerability

CVE-2024-32832 – Hamid Alinia Login with Phone Number Missing Authorization

CVE-2025-31100 – Mojoomla School Management Unrestricted File Upload Vulnerability

Windows Subsystem for Linux 2 (WSL2): The Complete Tutorial for Windows 10 & 11

Google Launches Gemini 2.5 Pro I/O: Outperforms GPT-4 in Coding, Supports Native Video Understanding and Leads WebDev Arena

You’re a business

Divine Comedy

CVE-2025-34049 – OptiLink ONT1GEW Command Injection

Modern Node.js Patterns for 2025

FCA Just Dropped Big News on Live AI Testing for UK Firms

CVE-2025-46567 – LLaMA Factory Deserialization Command Execution Vulnerability

CVE-2025-7747 – Tenda POST Request Handler Buffer Overflow Vulnerability

Related Posts