FH1201
by Tenda
CVEs (35)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-42947 | Cri | 0.64 | 9.8 | 0.01 | Aug 15, 2024 | An issue in the handler function in /goform/telnet of Tenda FH1201 v1.2.0.14 (408) allows attackers to execute arbitrary commands via a crafted HTTP request. | ||
| CVE-2024-41473 | Cri | 0.64 | 9.8 | 0.07 | Jul 25, 2024 | Tenda FH1201 v1.2.0.14 was discovered to contain a command injection vulnerability via the mac parameter at ip/goform/WriteFacMac | ||
| CVE-2024-41468 | Cri | 0.64 | 9.8 | 0.05 | Jul 25, 2024 | Tenda FH1201 v1.2.0.14 was discovered to contain a command injection vulnerability via the cmdinput parameter at /goform/exeCommand | ||
| CVE-2024-41461 | Cri | 0.64 | 9.8 | 0.01 | Jul 24, 2024 | Tenda FH1201 v1.2.0.14 was discovered to contain a stack-based buffer overflow vulnerability via the list1 parameter at ip/goform/DhcpListClient. | ||
| CVE-2024-41460 | Cri | 0.64 | 9.8 | 0.01 | Jul 24, 2024 | Tenda FH1201 v1.2.0.14 was discovered to contain a stack-based buffer overflow vulnerability via the entrys parameter at ip/goform/RouteStatic. | ||
| CVE-2024-41459 | Cri | 0.64 | 9.8 | 0.01 | Jul 24, 2024 | Tenda FH1201 v1.2.0.14 was discovered to contain a stack-based buffer overflow vulnerability via the PPPOEPassword parameter at ip/goform/QuickIndex. | ||
| CVE-2025-7551 | Hig | 0.57 | 8.8 | 0.01 | Jul 14, 2025 | A vulnerability was found in Tenda FH1201 1.2.0.14(408). It has been declared as critical. Affected by this vulnerability is the function fromPptpUserAdd of the file /goform/PPTPDClient. The manipulation of the argument modino/username leads to stack-based buffer overflow. The… | ||
| CVE-2025-7550 | Hig | 0.57 | 8.8 | 0.01 | Jul 13, 2025 | A vulnerability was found in Tenda FH1201 1.2.0.14(408). It has been classified as critical. Affected is the function fromGstDhcpSetSer of the file /goform/GstDhcpSetSer. The manipulation of the argument dips leads to stack-based buffer overflow. It is possible to launch the… | ||
| CVE-2025-7549 | Hig | 0.57 | 8.8 | 0.01 | Jul 13, 2025 | A vulnerability was found in Tenda FH1201 1.2.0.14(408) and classified as critical. This issue affects the function frmL7ProtForm of the file /goform/L7Prot. The manipulation of the argument page leads to stack-based buffer overflow. The attack may be initiated remotely. The… | ||
| CVE-2025-7548 | Hig | 0.57 | 8.8 | 0.01 | Jul 13, 2025 | A vulnerability has been found in Tenda FH1201 1.2.0.14(408) and classified as critical. This vulnerability affects the function formSafeEmailFilter of the file /goform/SafeEmailFilter. The manipulation of the argument page leads to stack-based buffer overflow. The attack can be… | ||
| CVE-2025-7468 | Hig | 0.57 | 8.8 | 0.01 | Jul 12, 2025 | A vulnerability has been found in Tenda FH1201 1.2.0.14 and classified as critical. This vulnerability affects the function fromSafeUrlFilter of the file /goform/fromSafeUrlFilter of the component HTTP POST Request Handler. The manipulation of the argument page leads to buffer… | ||
| CVE-2025-7465 | Hig | 0.57 | 8.8 | 0.01 | Jul 12, 2025 | A vulnerability classified as critical was found in Tenda FH1201 1.2.0.14. Affected by this vulnerability is the function fromRouteStatic of the file /goform/fromRouteStatic of the component HTTP POST Request Handler. The manipulation of the argument page leads to buffer… | ||
| CVE-2025-7463 | Hig | 0.57 | 8.8 | 0.01 | Jul 12, 2025 | A vulnerability was found in Tenda FH1201 1.2.0.14. It has been declared as critical. This vulnerability affects the function formWrlsafeset of the file /goform/AdvSetWrlsafeset of the component HTTP POST Request Handler. The manipulation of the argument mit_ssid leads to buffer… | ||
| CVE-2025-6110 | Hig | 0.57 | 8.8 | 0.03 | Jun 16, 2025 | A vulnerability classified as critical has been found in Tenda FH1201 1.2.0.14(408). This affects an unknown part of the file /goform/SafeMacFilter. The manipulation of the argument page leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The… | ||
| CVE-2024-44859 | Hig | 0.52 | 8.0 | 0.01 | Sep 4, 2024 | Tenda FH1201 v1.2.0.14 has a stack buffer overflow vulnerability in `formWrlExtraGet`. | ||
| CVE-2024-42948 | Hig | 0.50 | 7.5 | 0.11 | Aug 15, 2024 | Tenda FH1201 v1.2.0.14 (408) was discovered to contain a stack overflow via the delno parameter in the fromPptpUserSetting function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request. | ||
| CVE-2024-42955 | Hig | 0.49 | 7.5 | 0.01 | Aug 15, 2024 | Tenda FH1201 v1.2.0.14 (408) was discovered to contain a stack overflow via the page parameter in the fromSafeClientFilter function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request. | ||
| CVE-2024-42954 | Hig | 0.49 | 7.5 | 0.01 | Aug 15, 2024 | Tenda FH1201 v1.2.0.14 (408) was discovered to contain a stack overflow via the page parameter in the fromwebExcptypemanFilter function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request. | ||
| CVE-2024-42953 | Hig | 0.49 | 7.5 | 0.01 | Aug 15, 2024 | Tenda FH1201 v1.2.0.14 (408) was discovered to contain a stack overflow via the PPW parameter in the fromWizardHandle function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request. | ||
| CVE-2024-42952 | Hig | 0.49 | 7.5 | 0.01 | Aug 15, 2024 | Tenda FH1201 v1.2.0.14 (408) was discovered to contain a stack overflow via the page parameter in the fromqossetting function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request. |
- risk 0.64cvss 9.8epss 0.01
An issue in the handler function in /goform/telnet of Tenda FH1201 v1.2.0.14 (408) allows attackers to execute arbitrary commands via a crafted HTTP request.
- risk 0.64cvss 9.8epss 0.07
Tenda FH1201 v1.2.0.14 was discovered to contain a command injection vulnerability via the mac parameter at ip/goform/WriteFacMac
- risk 0.64cvss 9.8epss 0.05
Tenda FH1201 v1.2.0.14 was discovered to contain a command injection vulnerability via the cmdinput parameter at /goform/exeCommand
- risk 0.64cvss 9.8epss 0.01
Tenda FH1201 v1.2.0.14 was discovered to contain a stack-based buffer overflow vulnerability via the list1 parameter at ip/goform/DhcpListClient.
- risk 0.64cvss 9.8epss 0.01
Tenda FH1201 v1.2.0.14 was discovered to contain a stack-based buffer overflow vulnerability via the entrys parameter at ip/goform/RouteStatic.
- risk 0.64cvss 9.8epss 0.01
Tenda FH1201 v1.2.0.14 was discovered to contain a stack-based buffer overflow vulnerability via the PPPOEPassword parameter at ip/goform/QuickIndex.
- risk 0.57cvss 8.8epss 0.01
A vulnerability was found in Tenda FH1201 1.2.0.14(408). It has been declared as critical. Affected by this vulnerability is the function fromPptpUserAdd of the file /goform/PPTPDClient. The manipulation of the argument modino/username leads to stack-based buffer overflow. The…
- risk 0.57cvss 8.8epss 0.01
A vulnerability was found in Tenda FH1201 1.2.0.14(408). It has been classified as critical. Affected is the function fromGstDhcpSetSer of the file /goform/GstDhcpSetSer. The manipulation of the argument dips leads to stack-based buffer overflow. It is possible to launch the…
- risk 0.57cvss 8.8epss 0.01
A vulnerability was found in Tenda FH1201 1.2.0.14(408) and classified as critical. This issue affects the function frmL7ProtForm of the file /goform/L7Prot. The manipulation of the argument page leads to stack-based buffer overflow. The attack may be initiated remotely. The…
- risk 0.57cvss 8.8epss 0.01
A vulnerability has been found in Tenda FH1201 1.2.0.14(408) and classified as critical. This vulnerability affects the function formSafeEmailFilter of the file /goform/SafeEmailFilter. The manipulation of the argument page leads to stack-based buffer overflow. The attack can be…
- risk 0.57cvss 8.8epss 0.01
A vulnerability has been found in Tenda FH1201 1.2.0.14 and classified as critical. This vulnerability affects the function fromSafeUrlFilter of the file /goform/fromSafeUrlFilter of the component HTTP POST Request Handler. The manipulation of the argument page leads to buffer…
- risk 0.57cvss 8.8epss 0.01
A vulnerability classified as critical was found in Tenda FH1201 1.2.0.14. Affected by this vulnerability is the function fromRouteStatic of the file /goform/fromRouteStatic of the component HTTP POST Request Handler. The manipulation of the argument page leads to buffer…
- risk 0.57cvss 8.8epss 0.01
A vulnerability was found in Tenda FH1201 1.2.0.14. It has been declared as critical. This vulnerability affects the function formWrlsafeset of the file /goform/AdvSetWrlsafeset of the component HTTP POST Request Handler. The manipulation of the argument mit_ssid leads to buffer…
- risk 0.57cvss 8.8epss 0.03
A vulnerability classified as critical has been found in Tenda FH1201 1.2.0.14(408). This affects an unknown part of the file /goform/SafeMacFilter. The manipulation of the argument page leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The…
- risk 0.52cvss 8.0epss 0.01
Tenda FH1201 v1.2.0.14 has a stack buffer overflow vulnerability in `formWrlExtraGet`.
- risk 0.50cvss 7.5epss 0.11
Tenda FH1201 v1.2.0.14 (408) was discovered to contain a stack overflow via the delno parameter in the fromPptpUserSetting function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.
- risk 0.49cvss 7.5epss 0.01
Tenda FH1201 v1.2.0.14 (408) was discovered to contain a stack overflow via the page parameter in the fromSafeClientFilter function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.
- risk 0.49cvss 7.5epss 0.01
Tenda FH1201 v1.2.0.14 (408) was discovered to contain a stack overflow via the page parameter in the fromwebExcptypemanFilter function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.
- risk 0.49cvss 7.5epss 0.01
Tenda FH1201 v1.2.0.14 (408) was discovered to contain a stack overflow via the PPW parameter in the fromWizardHandle function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.
- risk 0.49cvss 7.5epss 0.01
Tenda FH1201 v1.2.0.14 (408) was discovered to contain a stack overflow via the page parameter in the fromqossetting function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.
Page 1 of 2