CVE-2025-7795

HIGH

Tenda FH451 1.0.0.9 - Buffer Overflow

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 2 public exploits for CVE-2025-7795. PoCs published by Byte Reaper, byteReaper77.

AI-analyzed exploit summary This exploit demonstrates a stack-based buffer overflow in Tenda FH451 1.0.0.9 routers via an unauthenticated POST request to the /goform/fromP2pListFilter endpoint. It sends increasingly large payloads to trigger a crash and verifies the vulnerability by checking server responsiveness via ping.

Description

A vulnerability, which was classified as critical, has been found in Tenda FH451 1.0.0.9. Affected by this issue is the function fromP2pListFilter of the file /goform/P2pListFilter. The manipulation of the argument page leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

Exploits (2)

exploitdb WORKING POC
by Byte Reaper · cremotemultiple
https://www.exploit-db.com/exploits/52374

This exploit demonstrates a stack-based buffer overflow in Tenda FH451 1.0.0.9 routers via an unauthenticated POST request to the /goform/fromP2pListFilter endpoint. It sends increasingly large payloads to trigger a crash and verifies the vulnerability by checking server responsiveness via ping.

Classification
Working Poc 95%
Attack Type
Dos
Complexity
Moderate
Reliability
Reliable
Target: Tenda FH451 1.0.0.9
No auth needed
Prerequisites: Network access to the target router · Curl library installed
devstral-2 · analyzed Feb 16, 2026 Full analysis →
nomisec WORKING POC 2 stars
by byteReaper77 · poc
https://github.com/byteReaper77/CVE-2025-7795

The repository contains a functional exploit for CVE-2025-7795, a buffer overflow vulnerability in Tenda routers. The exploit sends crafted POST requests to an unauthenticated endpoint, attempting to crash the device by overflowing a buffer with increasing payload sizes.

Classification
Working Poc 95%
Attack Type
Dos
Complexity
Moderate
Reliability
Reliable
Target: Tenda Routers (specific models not specified)
No auth needed
Prerequisites: Network access to the target router · Knowledge of the target IP or URL
devstral-2 · analyzed Feb 18, 2026 Full analysis →

References (6)

Core 6
Core References
Third Party Advisory, VDB Entry vdb-entry technical-description
https://vuldb.com/?id.316856
Permissions Required signature permissions-required
https://vuldb.com/?ctiid.316856
Third Party Advisory, VDB Entry third-party-advisory
https://vuldb.com/?submit.616344
Product product
https://www.tenda.com.cn/

Scores

CVSS v3 8.8
EPSS 0.1816
EPSS Percentile 95.4%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation poc
Automatable no
Technical Impact total

Details

CWE
CWE-119 CWE-121
Status published
Products (1)
tenda/fh451_firmware 1.0.0.9
Published Jul 18, 2025
Tracked Since Feb 18, 2026