CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2025-4354

A vulnerability was found in Tenda DAP-1520 1.10B04_BETA02 and classified as critical. Affected by this issue is the function check_dws_cookie of the file /storage. The manipulation leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 20.1%

CVSS Severity

CVSS v3 Score 8.8

CVSS v2 Score 9.0

References

https://github.com/Ghostsuzhijian/Iot-/blob/main/DAP-1520_replace_special_char/DAP-1520_replace_special_char.md
https://vuldb.com/?ctiid.307472
https://vuldb.com/?id.307472
https://vuldb.com/?submit.564719
https://www.tenda.com.cn/

Products affected by CVE-2025-4354

Dlink » Dap-1520 » Version: N/A

cpe:2.3:h:dlink:dap-1520:-
Dlink » Dap-1520 Firmware » Version: 1.10b04

cpe:2.3:o:dlink:dap-1520_firmware:1.10b04

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-4354

Products

Pricing

Contact Us