Filtered by vendor Tenda
Subscriptions
Filtered by product Fh1202
Subscriptions
Total
23 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-2980 | 1 Tenda | 2 Fh1202, Fh1202 Firmware | 2025-01-14 | 8.8 High |
| A vulnerability, which was classified as critical, has been found in Tenda FH1202 1.2.0.14(408). This issue affects the function formexeCommand of the file /goform/execCommand. The manipulation of the argument cmdinput leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-258149 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2024-2981 | 1 Tenda | 2 Fh1202, Fh1202 Firmware | 2025-01-14 | 8.8 High |
| A vulnerability, which was classified as critical, was found in Tenda FH1202 1.2.0.14(408). Affected is the function form_fast_setting_wifi_set of the file /goform/fast_setting_wifi_set. The manipulation of the argument ssid leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-258150 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2024-2982 | 1 Tenda | 2 Fh1202, Fh1202 Firmware | 2025-01-14 | 5.5 Medium |
| A vulnerability has been found in Tenda FH1202 1.2.0.14(408) and classified as critical. Affected by this vulnerability is the function formWriteFacMac of the file /goform/WriteFacMac. The manipulation of the argument mac leads to command injection. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-258151. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2024-2983 | 1 Tenda | 2 Fh1202, Fh1202 Firmware | 2025-01-14 | 8.8 High |
| A vulnerability was found in Tenda FH1202 1.2.0.14(408) and classified as critical. Affected by this issue is the function formSetClientState of the file /goform/SetClientState. The manipulation of the argument deviceId/limitSpeed/limitSpeedUp leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-258152. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2024-2984 | 1 Tenda | 2 Fh1202, Fh1202 Firmware | 2025-01-14 | 8.8 High |
| A vulnerability was found in Tenda FH1202 1.2.0.14(408). It has been classified as critical. This affects the function formSetCfm of the file /goform/setcfm. The manipulation of the argument funcpara1 leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-258153 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2024-2985 | 1 Tenda | 2 Fh1202, Fh1202 Firmware | 2025-01-14 | 8.8 High |
| A vulnerability was found in Tenda FH1202 1.2.0.14(408). It has been declared as critical. This vulnerability affects the function formQuickIndex of the file /goform/QuickIndex. The manipulation of the argument PPPOEPassword leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-258154 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2024-2986 | 1 Tenda | 2 Fh1202, Fh1202 Firmware | 2025-01-14 | 8.8 High |
| A vulnerability was found in Tenda FH1202 1.2.0.14(408). It has been rated as critical. This issue affects the function formSetSpeedWan of the file /goform/SetSpeedWan. The manipulation of the argument speed_dir leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-258155. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2024-2987 | 1 Tenda | 2 Fh1202, Fh1202 Firmware | 2025-01-14 | 8.8 High |
| A vulnerability classified as critical has been found in Tenda FH1202 1.2.0.14(408). Affected is the function GetParentControlInfo of the file /goform/GetParentControlInfo. The manipulation of the argument mac leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-258156. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2023-37712 | 1 Tenda | 6 Ac1206, Ac1206 Firmware, F1202 and 3 more | 2025-01-06 | 9.8 Critical |
| Tenda AC1206 V15.03.06.23, F1202 V1.2.0.20(408), and FH1202 V1.2.0.20(408) were discovered to contain a stack overflow in the page parameter in the fromSetIpBind function. | ||||
| CVE-2024-12002 | 1 Tenda | 8 Fh1201, Fh1201 Firmware, Fh1202 and 5 more | 2024-12-10 | 4.3 Medium |
| A vulnerability classified as problematic was found in Tenda FH451, FH1201, FH1202 and FH1206 up to 20241129. Affected by this vulnerability is the function websReadEvent of the file /goform/GetIPTV. The manipulation of the argument Content-Length leads to null pointer dereference. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2024-32315 | 1 Tenda | 1 Fh1202 | 2024-11-21 | 4.7 Medium |
| Tenda FH1202 v1.2.0.14(408) firmware has a stack overflow vulnerability via the adslPwd parameter in the formWanParameterSetting function. | ||||
| CVE-2023-38939 | 1 Tenda | 4 F1202, F1202 Firmware, Fh1202 and 1 more | 2024-11-21 | 9.8 Critical |
| Tenda F1202 V1.2.0.9 and FH1202 V1.2.0.9 were discovered to contain a stack overflow via the mit_ssid parameter in the formWrlsafeset function. | ||||
| CVE-2023-38938 | 1 Tenda | 8 F1202, F1202 Firmware, Fh1202 and 5 more | 2024-11-21 | 9.8 Critical |
| Tenda F1202 V1.2.0.9, PA202 V1.1.2.5, PW201A V1.1.2.5 and FH1202 V1.2.0.9 were discovered to contain a stack overflow via the page parameter at /L7Im. | ||||
| CVE-2023-38932 | 1 Tenda | 8 F1202, F1202 Firmware, Fh1202 and 5 more | 2024-11-21 | 9.8 Critical |
| Tenda F1202 V1.2.0.9, PA202 V1.1.2.5, PW201A V1.1.2.5 and FH1202 V1.2.0.9 were discovered to contain a stack overflow via the page parameter in the SafeEmailFilter function. | ||||
| CVE-2023-37723 | 1 Tenda | 10 4g300, 4g300 Firmware, F1202 and 7 more | 2024-11-21 | 9.8 Critical |
| Tenda F1202 V1.0BR_V1.2.0.20(408), FH1202_V1.2.0.19_EN were discovered to contain a stack overflow in the page parameter in the function fromqossetting. | ||||
| CVE-2023-37722 | 1 Tenda | 6 4g300, 4g300 Firmware, F1202 and 3 more | 2024-11-21 | 9.8 Critical |
| Tenda F1202 V1.0BR_V1.2.0.20(408), FH1202_V1.2.0.19_EN were discovered to contain a stack overflow in the page parameter in the function fromSafeUrlFilter. | ||||
| CVE-2023-37721 | 1 Tenda | 10 4g300, 4g300 Firmware, F1202 and 7 more | 2024-11-21 | 9.8 Critical |
| Tenda F1202 V1.0BR_V1.2.0.20(408), FH1202_V1.2.0.19_EN were discovered to contain a stack overflow in the page parameter in the function fromSafeMacFilter. | ||||
| CVE-2023-37719 | 1 Tenda | 8 F1202, F1202 Firmware, Fh1202 and 5 more | 2024-11-21 | 9.8 Critical |
| Tenda F1202 V1.0BR_V1.2.0.20(408), FH1202_V1.2.0.19_EN were discovered to contain a stack overflow in the page parameter in the function fromP2pListFilter. | ||||
| CVE-2023-37718 | 1 Tenda | 6 4g300, 4g300 Firmware, F1202 and 3 more | 2024-11-21 | 9.8 Critical |
| Tenda F1202 V1.0BR_V1.2.0.20(408), FH1202_V1.2.0.19_EN were discovered to contain a stack overflow in the page parameter in the function fromSafeClientFilter. | ||||
| CVE-2023-37717 | 1 Tenda | 14 Ac10, Ac10 Firmware, Ac1206 and 11 more | 2024-11-21 | 9.8 Critical |
| Tenda F1202 V1.0BR_V1.2.0.20(408) and FH1202_V1.2.0.19_EN, AC10 V1.0, AC1206 V1.0, AC7 V1.0, AC5 V1.0, and AC9 V3.0 were discovered to contain a stack overflow in the page parameter in the function fromDhcpListClient. | ||||