CNNVD-202512-3874 Information

Dec 21, 2025 cve

CNNVD ID

CNNVD-202512-3874

CVE-2025-14995

CNNVD Published: 2025-12-21

Description (Chinese)

Tenda FH1201是中国腾达（Tenda）公司的一款无线路由器。 Tenda FH1201 1.2.0.14(408)版本存在安全漏洞，该漏洞源于文件/goform/SetIpBind的sprintf函数对参数page处理不当，可能导致栈缓冲区溢出。

Description (English)

Tenda FH1201 is a wireless router of Tenda, China. There is a security loophole in the version of Tenda FH1201 1.2.1.4 (408), which stems from the mishandling of the parameter page in the sprintf function of the document/goform/SetIpBind, which may result in spilling out of the fence.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

腾达

Published

2025-12-21

Last Modified

2026-02-24

References

https://vuldb.com/?submit.719154 https://www.tenda.com.cn/ https://github.com/z472421519/BinaryAudit/blob/main/PoC/BOF/Tenda_FH1201/SetIpBind/SetIpBind.md https://github.com/z472421519/BinaryAudit/blob/main/PoC/BOF/Tenda_FH1201/SetIpBind/SetIpBind.md#reproduce https://vuldb.com/?ctiid.337689 https://vuldb.com/?id.337689 https://access.redhat.com/security/cve/cve-2025-14995

Share on: