CVE-2025-70314 - Vulnerability Analysis
CriticalCVSS: 9.8Last Updated: February 13, 2026
webfsd - Buffer Overflow
Published: February 12, 2026Updated: February 13, 2026Remote Exploitable
Overview
webfsd 1.21 contains a buffer overflow caused by improper handling of the filename variable in crafted requests, letting remote attackers execute arbitrary code, exploit requires sending crafted requests.
Severity & Score
Severity: Critical
CVSS Score: 9.8
EPSS Score: 4.1%(Probability of exploitation in next 30 days)
Impact
Remote attackers can execute arbitrary code, potentially leading to full system compromise.
Mitigation
Update to the latest version.
References
Social Media Activity(1 post)
TheHackerWire
@thehackerwire
š“ CVE-2025-70314 - Critical (9.8) webfsd 1.21 is vulnerable to a Buffer Overflow via a crafted request. This is due to the filename variable š https://www.thehackerwire.com/vulnerability/CVE-2025-70314/ #CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
View original postRelated Resources
Details
- CVE ID
- CVE-2025-70314
- Severity
- Critical
- CVSS Score
- 9.8
- Type
- buffer_overflow
- Status
- unconfirmed
- EPSS
- 4.1%
- Social Posts
- 1
CWE
- CWE-120
CVSS Metrics
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Score
4.1%Probability of exploitation in the next 30 days