CVE-2025-14878

Tenda WH450 HTTP Request wirelessRestart stack-based overflow

Description

A security flaw has been discovered in Tenda WH450 1.0.0.18. This impacts an unknown function of the file /goform/wirelessRestart of the component HTTP Request Handler. The manipulation of the argument GO results in stack-based buffer overflow. The attack may be performed from remote. The exploit has been released to the public and may be exploited.

INFO

Published Date :

2025-12-18T16:02:12.818Z

Last Modified :

2025-12-18T17:52:48.670Z

Source :

VulDB

AFFECTED PRODUCTS

The following products are affected by CVE-2025-14878 vulnerability.

Vendors	Products
Tenda	Wh450

REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-14878.

URL	Resource
https://github.com/z472421519/BinaryAudit/blob/main/PoC/BOF/Tenda_WH450/wirelessRestart/wirelessRestart.md
https://vuldb.com/?ctiid.337369
https://vuldb.com/?id.337369
https://vuldb.com/?submit.715357
https://www.tenda.com.cn/

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.

Attack Vector

Attack Complexity

Attack Requirements

Privileges Required

User Interaction

VS Confidentiality

VS Integrity

VS Availability

SS Confidentiality

SS Integrity

SS Availability

Detailed values of each vector for above chart.

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality Impact

Integrity Impact

Availability Impact

Detailed values of each vector for above chart.

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality Impact

Integrity Impact

Availability Impact

Detailed values of each vector for above chart.

Access Vector

Access Complexity

Authentication

Confidentiality Impact

Integrity Impact

Availability Impact