Cyber Posture

CVE-2025-7506

HighPublic PoC

Published: 12 July 2025

Published
12 July 2025
Modified
15 July 2025
KEV Added
Patch
CVSS Score 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS Score 0.0089 75.6th percentile
Risk Priority 18 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2025-7506 is a high-severity Improper Restriction of Operations within the Bounds of a Memory Buffer (CWE-119) vulnerability in Tenda Fh451 Firmware. Its CVSS base score is 8.8 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked in the top 24.4% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.

The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-16 (Memory Protection).

Threat & Defense at a Glance

What attackers do: exploitation maps to Exploit Public-Facing Application (T1190). What defenders deploy: see the NIST 800-53 controls recommended below.
Threat & Defense Details

Mitigating Controls (NIST 800-53 r5)AI

SI-10 Information Input Validation good match
prevent

Directly prevents stack-based buffer overflows by enforcing input validation mechanisms on the 'page' argument in HTTP POST requests to /goform/Natlimit.

SI-16 Memory Protection good match
prevent

Mitigates exploitation of stack-based buffer overflows through memory protections such as stack canaries and address space layout randomization.

SI-2 Flaw Remediation good match
prevent

Requires identification and timely patching of critical firmware flaws like this buffer overflow in Tenda FH451 routers.

MITRE ATT&CK Enterprise TechniquesAI

T1190 Exploit Public-Facing Application Initial Access
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
attack.mitre.org →
Why these techniques?

The stack-based buffer overflow in the router's public-facing HTTP POST handler (/goform/Natlimit) enables remote code execution via exploitation of a public-facing application.

NVD Description

A vulnerability classified as critical was found in Tenda FH451 1.0.0.9. Affected by this vulnerability is the function fromNatlimit of the file /goform/Natlimit of the component HTTP POST Request Handler. The manipulation of the argument page leads to stack-based buffer…

more

overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.

Deeper analysisAI

CVE-2025-7506 is a critical stack-based buffer overflow vulnerability affecting Tenda FH451 routers running firmware version 1.0.0.9. The flaw resides in the fromNatlimit function within the /goform/Natlimit file of the HTTP POST Request Handler component, where manipulation of the "page" argument triggers the overflow.

The vulnerability enables remote exploitation over the network with low complexity and requires low privileges, but no user interaction. Per its CVSS v3.1 score of 8.8 (AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H), attackers can achieve high impacts on confidentiality, integrity, and availability, potentially leading to remote code execution or system crashes.

Exploit details, including a sample payload, have been publicly disclosed on GitHub at repositories like https://github.com/zezhifu1/cve_report/blob/main/FH451/fromNatlimit.md. Additional information is available via VulDB entries such as https://vuldb.com/?ctiid.316189 and https://vuldb.com/?id.316189. No vendor patches or mitigation guidance are detailed in the referenced sources.

Details

CWE(s)
CWE-119CWE-121

Affected Products

tenda
fh451 firmware
1.0.0.9

CVEs Like This One

CVE-2025-7792Same product: Tenda Fh451
CVE-2025-7805Same product: Tenda Fh451
CVE-2025-7434Same product: Tenda Fh451
CVE-2025-7505Same product: Tenda Fh451
CVE-2025-7806Same product: Tenda Fh451
CVE-2025-7794Same product: Tenda Fh451
CVE-2025-7796Same product: Tenda Fh451
CVE-2025-7793Same product: Tenda Fh451
CVE-2025-7807Same product: Tenda Fh451
CVE-2025-7795Same product: Tenda Fh451

References