ГлавнаяУязвимости → CVE-2025-14879
9.8критическая

CVE-2025-14879

Описание

A weakness has been identified in Tenda WH450 1.0.0.18. Affected is an unknown function of the file /goform/onSSIDChange of the component HTTP Request Handler. This manipulation of the argument ssid_index causes stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been made available to the public and could be used for attacks.

Затрагиваемое ПО
Tenda Wh450 firmwareTenda Wh450
CVSS
Балл9.8 — критическая
ВекторCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Источники
https://github.com/z472421519/BinaryAudit/blob/main/PoC/BOF/Tenda_WH450/onSSIDChange/onSSIDChange.mdhttps://vuldb.com/?ctiid.337370https://vuldb.com/?id.337370https://vuldb.com/?submit.715362https://www.tenda.com.cn/https://github.com/z472421519/BinaryAudit/blob/main/PoC/BOF/Tenda_WH450/onSSIDChange/onSSIDChange.md