Urgent Cybersecurity Flaws Exposed in Tenda Devices


Good day, cybersecurity enthusiasts! Today’s roundup brings a flurry of vulnerabilities that demand our attention, from remotely exploitable buffer overflows to critical SQL injections. Let’s dive into the latest findings that could impact a range of devices and platforms.

Tenda Vulnerabilities – Buffer Overflows in Focus

A series of vulnerabilities have recently been disclosed in Tenda devices, notably affecting models such as the FH1203, FH1205, and FH1201. In these cases, attackers can remotely manipulate certain parameters to trigger buffer overflow issues:

  • CVE-2025-6113 (FH1203): A flaw in the function fromadvsetlanip (located in /goform/AdvSetLanip) allows remote attackers to cause a buffer overflow by manipulating the lanMask argument. With critical severity rated at 8.8, the exploit has now been made public.
  • CVE-2025-6112 (FH1205): Similarly, FH1205 version 2.0.0.7 is vulnerable via the same file and function. The manipulated lanMask leads to a buffer overflow, marking another high-risk flaw with a severity of 8.8.
  • CVE-2025-6111 (FH1205): In an alternative attack route, the virtual serial function (fromVirtualSer in /goform/VirtualSer) is exploited through the ‘page’ parameter to cause a stack-based buffer overflow, again at a severity of 8.8.
  • CVE-2025-6110 (FH1201): For Tenda FH1201, an unknown function in /goform/SafeMacFilter can be manipulated using the ‘page’ parameter, opening the door to a stack-based buffer overflow, also with an 8.8 severity rating.

The fact that these exploits have been publicly disclosed underscores the urgency to patch affected systems. For businesses that manage such devices, staying updated is critical to safeguarding network integrity.
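The lanMask reports above, like the strcpy issue noted in the next section, describe one recurring firmware pattern: a request parameter copied into a fixed-size stack buffer with no length check. The hypothetical C below (an added illustration, not Tenda's code; the handler names, the 16-byte buffer and the netmask rule are assumptions) shows that pattern beside a hardened handler that bounds the copy and validates the value as a contiguous IPv4 netmask before use.

```c
#include <stdint.h>
#include <string.h>
#include <arpa/inet.h>

/* Assumed buffer size for a dotted-quad netmask ("255.255.255.255" + NUL). */
#define MASK_BUF 16

/* Insecure pattern (hypothetical, illustrative only): strcpy copies the whole
 * parameter regardless of length, so a long value runs past mask[] on the stack. */
int unsafe_set_lan_mask(const char *param) {
    char mask[MASK_BUF];
    strcpy(mask, param);                 /* no bound: the root cause of the overflow class */
    return inet_pton(AF_INET, mask, &(struct in_addr){0}) == 1;
}

/* Helper for reviewers: does this parameter exceed the fixed buffer? */
int would_overflow(const char *param) {
    return strlen(param) + 1 > MASK_BUF;
}

/* Hardened handler: reject over-long input before copying, require a
 * well-formed dotted quad, and require contiguous mask bits (e.g. 255.255.255.0).
 * Returns 0 on success, -1 on rejection; out is only written on success. */
int safe_set_lan_mask(const char *param, char *out, size_t out_len) {
    if (param == NULL || out == NULL || out_len == 0) return -1;

    size_t n = strnlen(param, MASK_BUF);   /* never scan past the expected size */
    if (n >= MASK_BUF || n + 1 > out_len) return -1;

    struct in_addr addr;
    if (inet_pton(AF_INET, param, &addr) != 1) return -1;   /* not a dotted quad */

    uint32_t m = ntohl(addr.s_addr);
    if (m == 0) return -1;                  /* 0.0.0.0 is not a usable LAN mask */
    uint32_t inv = ~m;                      /* contiguous ones => inv + 1 is a power of two */
    if (inv & (inv + 1)) return -1;         /* e.g. 255.0.255.0 is rejected here */

    memcpy(out, param, n + 1);
    return 0;
}
```

The contiguity test is what a validator should enforce for a LAN mask specifically; a generic "is it an IP address" check would still accept values that break routing.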

Other High-Risk Vulnerabilities Making Headlines

More critical vulnerabilities have come to light across varied platforms:

  • CVE-2025-4987: A stored Cross-site Scripting (XSS) vulnerability in the 3DEXPERIENCE Project Portfolio Manager permits attackers to inject malicious scripts through the Opportunity Management feature. Though its complexity can be a head-scratcher, the risk it presents is quite real with a severity of 8.7.
  • CVE-2025-6169: Over at HAMASTAR Technology, the WIMP website co-construction management platform has been found vulnerable to SQL injection. This flaw, rated an alarming 9.8, could let unauthenticated remote attackers inject SQL commands to read, modify, or even delete database content.
  • CVE-2025-6104, CVE-2025-6102, CVE-2025-6103: These critical flaws within Wifi-soft UniBox Controller systems (up to version 20250506) allow OS command injection via manipulation of parameters such as ipaddress, mac_address, and Password. Each vulnerability carries a high severity of 8.8, and in each case the vendor has not responded since disclosure.
  • CVE-2025-6098: A buffer overflow via the API in the UTT 进取 750W device is making the rounds, with critical severity of 9.8. Attackers can remotely exploit this through the strcpy function in /goform/setSysAdm, reminding us all about the importance of secure coding practices.
  • CVE-2025-6091 and CVE-2025-6090: H3C’s GR-3000AX and GR-5400AX products have been flagged for buffer overflow vulnerabilities. Manipulation of specific parameters in file /routing/goform/aspForm can lead to a dangerous overflow. Both vulnerabilities have high severity ratings of 8.8, although the vendor currently considers the risk to be low.

Phishing, human error, and legacy system vulnerabilities continue to be the top causes of security breaches, as highlighted in recent surveys and industry observations. It’s a reminder that attackers are innovating, and organisations must remain vigilant.

Additional Cybersecurity News

Beyond the CVE alerts, other significant cybersecurity events have been reported:

  • A major European insurer has been hit by a cyberattack, with sensitive data – including details related to FC Barcelona – among the over 200GB stolen. Such incidents reiterate the scale and potential impact of modern cyber threats.
  • IBM’s Backup, Recovery, and Media Services for IBM i has been found to contain a flaw that could allow attackers to gain elevated access. This vulnerability serves as another stark reminder that no system is entirely immune if left unpatched.
  • With government websites, banks, telecom organisations, and indeed critical infrastructure also on the radar, a 700% spike in cyber attacks on Israel since the recent geopolitical tensions reveals the broader implications of these technical vulnerabilities on national and international scales.

Staying Ahead with Cybersecurity Best Practices

Daily vulnerability discoveries such as these highlight the importance of robust cybersecurity procedures and the need for rapid patch management. For those finding the technicalities a bit too daunting, a reliable partner can make all the difference. Synergos Consultancy, based in Huddersfield, West Yorkshire, specialises in navigating the complexities of ISO Certifications, GDPR Compliance, and more. While we’re not here to peddle a sales pitch, staying compliant and secure in today’s threat landscape certainly calls for expert guidance now and then.

As always, ensure your systems are up-to-date, and be wary of unexpected network behaviour. A proactive approach today can mean fewer headaches tomorrow – and who doesn’t appreciate a smoother digital experience? Keep safe and cyber smart!


Adam Cooke
As the Operations and Compliance Manager, Adam oversees all aspects of the business, ensuring operational efficiency and regulatory compliance. Committed to high standards, he ensures everyone is heard and supported. With a strong background in the railway industry, Adam values rigorous standards and safety. Outside of work, he enjoys dog walking, gardening, and exploring new places and cuisines.