Sign-up

ID

VAR-202505-1373


CVE

CVE-2025-45513


TITLE

Shenzhen Tenda Technology Co.,Ltd.  of  fh451  Stack-based buffer overflow vulnerability in firmware

Trust: 0.8

sources: JVNDB: JVNDB-2025-005639

DESCRIPTION

Tenda FH451 V1.0.0.9 has a stack overflow vulnerability in the function.P2pListFilter. Shenzhen Tenda Technology Co.,Ltd. of fh451 A stack-based buffer overflow vulnerability exists in the firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. The vulnerability is caused by the P2pListFilter function failing to properly verify the length of the input data. Attackers can exploit this vulnerability to execute arbitrary code on the system or cause a denial of service

Trust: 2.16

sources: NVD: CVE-2025-45513 // JVNDB: JVNDB-2025-005639 // CNVD: CNVD-2025-10594

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2025-10594

AFFECTED PRODUCTS

vendor:tendamodel:fh451scope:eqversion:1.0.0.9

Trust: 1.0

vendor:tendamodel:fh451scope:eqversion: -

Trust: 0.8

vendor:tendamodel:fh451scope:eqversion:fh451 firmware 1.0.0.9

Trust: 0.8

vendor:tendamodel:fh451scope: - version: -

Trust: 0.8

vendor:tendamodel:fh451scope:eqversion:v1.0.0.9

Trust: 0.6

sources: CNVD: CNVD-2025-10594 // JVNDB: JVNDB-2025-005639 // NVD: CVE-2025-45513

CVSS

SEVERITY

CVSSV2

CVSSV3

134c704f-9b21-4f2e-91b3-4a467353bcc0: CVE-2025-45513
value: CRITICAL

Trust: 1.0

OTHER: JVNDB-2025-005639
value: CRITICAL

Trust: 0.8

CNVD: CNVD-2025-10594
value: HIGH

Trust: 0.6

CNVD: CNVD-2025-10594
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

134c704f-9b21-4f2e-91b3-4a467353bcc0: CVE-2025-45513
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 5.9
version: 3.1

Trust: 1.0

OTHER: JVNDB-2025-005639
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: CNVD: CNVD-2025-10594 // JVNDB: JVNDB-2025-005639 // NVD: CVE-2025-45513

PROBLEMTYPE DATA

problemtype:CWE-121

Trust: 1.0

problemtype:Stack-based buffer overflow (CWE-121) [ others ]

Trust: 0.8

sources: JVNDB: JVNDB-2025-005639 // NVD: CVE-2025-45513

EXTERNAL IDS

db:NVDid:CVE-2025-45513

Trust: 3.2

db:JVNDBid:JVNDB-2025-005639

Trust: 0.8

db:CNVDid:CNVD-2025-10594

Trust: 0.6

sources: CNVD: CNVD-2025-10594 // JVNDB: JVNDB-2025-005639 // NVD: CVE-2025-45513

REFERENCES

url:https://github.com/eu21ka/cve_report/blob/master/the%20router%20tenda%20fh451%20v1.0.0.9%20of%20shenzhen%20jixiang%20tenda%20technology%20co.%2c%20ltd.%20has%20a%20stack%20overflow%20vulnerability.md

Trust: 2.4

url:https://nvd.nist.gov/vuln/detail/cve-2025-45513

Trust: 0.8

sources: CNVD: CNVD-2025-10594 // JVNDB: JVNDB-2025-005639 // NVD: CVE-2025-45513

SOURCES

db:CNVDid:CNVD-2025-10594
db:JVNDBid:JVNDB-2025-005639
db:NVDid:CVE-2025-45513

LAST UPDATE DATE

2025-05-29T23:47:33.651000+00:00


SOURCES UPDATE DATE

db:CNVDid:CNVD-2025-10594date:2025-05-26T00:00:00
db:JVNDBid:JVNDB-2025-005639date:2025-05-26T02:36:00
db:NVDid:CVE-2025-45513date:2025-05-24T00:51:51.153

SOURCES RELEASE DATE

db:CNVDid:CNVD-2025-10594date:2025-05-22T00:00:00
db:JVNDBid:JVNDB-2025-005639date:2025-05-26T00:00:00
db:NVDid:CVE-2025-45513date:2025-05-09T16:15:24.747