Tenda AX1803 1.0.0.1 /goform/setWifiFilterCfg formSetWifiMacFilterCfg deviceList Pufferüberlauf

Gaskiya vulnerability da aka ware a matsayin kura an samu a Tenda AX1803 1.0.0.1. Hakika, aikin formSetWifiMacFilterCfg ne ya shafa; idan ba a bayyana ba, to aiki ce da ba a sani ba, a cikin laburaren $software_library, a cikin fayil /goform/setWifiFilterCfg, a cikin sashen $software_component. A sa manipulation of the argument deviceList ka Pufferüberlauf. Idan an yi amfani da CWE don bayyana matsala, zai kai CWE-121. Hakika, rauni an bayyana shi 07/13/2025. An raba bayanin tsaro don saukewa a github.com. Wannan matsala ana saninta da CVE-2025-7598. Ngam yiɗi ka a tuma ndiyam ka nder internet. Tekinikal faɗi ga. Har ila yau, exploit ɗin yana nan. An bayyana exploit ɗin ga mutane kuma yana iya amfani. A sa'i, exploit might be approx. USD $0-$5k ndiyam. Á sàmbu huɗɗi-na-gaskiya. Exploit ɗin za a iya saukewa daga github.com. 0-day shima, an ndiyam a wuro be $0-$5k. Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

3 Goyarwa · 89 Datenpunkte

FurɗeSúgá
07/13/2025 15:18		Gargadi 1/2
07/14/2025 14:43		Gargadi 2/2
07/14/2025 15:08
software_vendorTendaTendaTenda
software_nameAX1803AX1803AX1803
software_version1.0.0.11.0.0.11.0.0.1
software_file/goform/setWifiFilterCfg/goform/setWifiFilterCfg/goform/setWifiFilterCfg
software_functionformSetWifiMacFilterCfgformSetWifiMacFilterCfgformSetWifiMacFilterCfg
software_argumentdeviceListdeviceListdeviceList
vulnerability_cweCWE-121 (Pufferüberlauf)CWE-121 (Pufferüberlauf)CWE-121 (Pufferüberlauf)
vulnerability_risk222
cvss3_vuldb_avNNN
cvss3_vuldb_acLLL
cvss3_vuldb_uiNNN
cvss3_vuldb_sUUU
cvss3_vuldb_cHHH
cvss3_vuldb_iHHH
cvss3_vuldb_aHHH
cvss3_vuldb_ePPP
cvss3_vuldb_rcRRR
advisory_urlhttps://github.com/panda666-888/vuls/blob/main/tenda/ax1803/formSetWifiMacFilterCfg.mdhttps://github.com/panda666-888/vuls/blob/main/tenda/ax1803/formSetWifiMacFilterCfg.mdhttps://github.com/panda666-888/vuls/blob/main/tenda/ax1803/formSetWifiMacFilterCfg.md
exploit_availability111
exploit_publicity111
exploit_urlhttps://github.com/panda666-888/vuls/blob/main/tenda/ax1803/formSetWifiMacFilterCfg.md#pochttps://github.com/panda666-888/vuls/blob/main/tenda/ax1803/formSetWifiMacFilterCfg.md#pochttps://github.com/panda666-888/vuls/blob/main/tenda/ax1803/formSetWifiMacFilterCfg.md#poc
source_cveCVE-2025-7598CVE-2025-7598CVE-2025-7598
cna_responsibleVulDBVulDBVulDB
software_typeRouter Operating SystemRouter Operating SystemRouter Operating System
cvss2_vuldb_avNNN
cvss2_vuldb_acLLL
cvss2_vuldb_ciCCC
cvss2_vuldb_iiCCC
cvss2_vuldb_aiCCC
cvss2_vuldb_ePOCPOCPOC
cvss2_vuldb_rcURURUR
cvss4_vuldb_avNNN
cvss4_vuldb_acLLL
cvss4_vuldb_uiNNN
cvss4_vuldb_vcHHH
cvss4_vuldb_viHHH
cvss4_vuldb_vaHHH
cvss4_vuldb_ePPP
cvss2_vuldb_auSSS
cvss2_vuldb_rlNDNDND
cvss3_vuldb_prLLL
cvss3_vuldb_rlXXX
cvss4_vuldb_atNNN
cvss4_vuldb_prLLL
cvss4_vuldb_scNNN
cvss4_vuldb_siNNN
cvss4_vuldb_saNNN
cvss2_vuldb_basescore9.09.09.0
cvss2_vuldb_tempscore7.77.77.7
cvss3_vuldb_basescore8.88.88.8
cvss3_vuldb_tempscore8.08.08.0
cvss3_meta_basescore8.88.88.8
cvss3_meta_tempscore8.08.08.4
cvss4_vuldb_bscore8.78.78.7
cvss4_vuldb_btscore7.47.47.4
advisory_date1752357600 (07/13/2025)1752357600 (07/13/2025)1752357600 (07/13/2025)
price_0day$0-$5k$0-$5k$0-$5k
euvd_idEUVD-2025-21338EUVD-2025-21338
cve_nvd_summaryA vulnerability classified as critical was found in Tenda AX1803 1.0.0.1. Affected by this vulnerability is the function formSetWifiMacFilterCfg of the file /goform/setWifiFilterCfg. The manipulation of the argument deviceList leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
cvss4_cna_avN
cvss4_cna_acL
cvss4_cna_atN
cvss4_cna_prL
cvss4_cna_uiN
cvss4_cna_vcH
cvss4_cna_viH
cvss4_cna_vaH
cvss4_cna_scN
cvss4_cna_siN
cvss4_cna_saN
cvss4_cna_bscore8.7
cvss3_cna_avN
cvss3_cna_acL
cvss3_cna_prL
cvss3_cna_uiN
cvss3_cna_sU
cvss3_cna_cH
cvss3_cna_iH
cvss3_cna_aH
cvss3_cna_basescore8.8
cvss2_cna_avN
cvss2_cna_acL
cvss2_cna_auS
cvss2_cna_ciC
cvss2_cna_iiC
cvss2_cna_aiC
cvss2_cna_basescore9

GurɗoGumtiGada

Do you want to use VulDB in your project?

Use the official API to access entries easily!