Fh1202 Firmware
by Tenda
CVEs (15)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-7035 | Hig | 0.57 | 8.8 | 0.01 | Apr 26, 2026 | A vulnerability was determined in Tenda FH1202 1.2.0.14. This affects the function fromWrlclientSet of the file /goform/WrlclientSet of the component httpd. Executing a manipulation of the argument Go can lead to stack-based buffer overflow. The attack may be launched remotely.… | ||
| CVE-2026-7034 | Hig | 0.57 | 8.8 | 0.01 | Apr 26, 2026 | A vulnerability was found in Tenda FH1202 1.2.0.14(408). Affected by this issue is the function WrlExtraSet of the file /goform/WrlExtraSet of the component httpd. Performing a manipulation of the argument Go results in stack-based buffer overflow. The attack may be initiated… | ||
| CVE-2017-9138 | Hig | 0.52 | 8.0 | 0.01 | May 21, 2017 | There is a debug-interface vulnerability on some Tenda routers (FH1202/F1202/F1200: versions before 1.2.0.20). After connecting locally to a router in a wired or wireless manner, one can bypass intended access restrictions by sending shell commands directly and reading their… | ||
| CVE-2017-9139 | Low | 0.23 | 3.5 | 0.00 | May 21, 2017 | There is a stack-based buffer overflow on some Tenda routers (FH1202/F1202/F1200: versions before 1.2.0.20). Crafted POST requests to an unspecified URL result in DoS, interrupting the HTTP service (used to login to the web UI of a router) for 1 to 2 seconds. | ||
| CVE-2025-9806 | Low | 0.12 | 1.9 | 0.00 | Sep 2, 2025 | A vulnerability was determined in Tenda F1202 1.2.0.9/1.2.0.14/1.2.0.20. Impacted is an unknown function of the file /etc_ro/shadow of the component Administrative Interface. This manipulation with the input Fireitup causes hard-coded credentials. The attack can only be executed… | ||
| CVE-2026-3811 | 0.00 | — | 0.01 | Mar 9, 2026 | A vulnerability was found in Tenda FH1202 1.2.0.14(408). This impacts the function fromP2pListFilter of the file /goform/P2pListFilter. The manipulation of the argument page results in stack-based buffer overflow. The attack can be executed remotely. The exploit has been made… | |||
| CVE-2026-3810 | 0.00 | — | 0.01 | Mar 9, 2026 | A vulnerability has been found in Tenda FH1202 1.2.0.14(408). This affects the function fromDhcpListClient of the file /goform/DhcpListClient. The manipulation of the argument page leads to stack-based buffer overflow. Remote exploitation of the attack is possible. The exploit… | |||
| CVE-2026-3809 | 0.00 | — | 0.01 | Mar 9, 2026 | A flaw has been found in Tenda FH1202 1.2.0.14(408). The impacted element is the function fromNatStaticSetting of the file /goform/NatSaticSetting. Executing a manipulation of the argument page can lead to stack-based buffer overflow. The attack may be launched remotely. The… | |||
| CVE-2026-3808 | 0.00 | — | 0.03 | Mar 9, 2026 | A vulnerability was detected in Tenda FH1202 1.2.0.14(408). The affected element is the function formWebTypeLibrary of the file /goform/webtypelibrary. Performing a manipulation of the argument webSiteId results in stack-based buffer overflow. The attack may be initiated… | |||
| CVE-2026-3807 | 0.00 | — | 0.01 | Mar 9, 2026 | A security vulnerability has been detected in Tenda FH1202 1.2.0.14(408). Impacted is the function formWrlsafeset of the file /goform/AdvSetWrlsafeset. Such manipulation of the argument mit_ssid/mit_ssid_index leads to stack-based buffer overflow. The attack can be launched… | |||
| CVE-2024-32311 | 0.00 | — | 0.01 | Apr 17, 2024 | Tenda FH1203 v2.0.1.6 firmware has a stack overflow vulnerability via the adslPwd parameter in the formWanParameterSetting function. | |||
| CVE-2024-32299 | 0.00 | — | 0.01 | Apr 17, 2024 | Tenda FH1203 v2.0.1.6 firmware has a stack overflow vulnerability via the PPW parameter in the fromWizardHandle function. | |||
| CVE-2024-32310 | 0.00 | — | 0.01 | Apr 17, 2024 | Tenda F1203 V2.0.1.6 firmware has a stack overflow vulnerability located in the PPW parameter of the fromWizardHandle function. | |||
| CVE-2024-32307 | 0.00 | — | 0.01 | Apr 17, 2024 | Tenda FH1205 V2.0.0.7(775) firmware has a stack overflow vulnerability located via the PPW parameter in the fromWizardHandle function. | |||
| CVE-2024-30598 | 0.00 | — | 0.01 | Mar 28, 2024 | Tenda FH1203 v2.0.1.6 firmware has a stack overflow vulnerability in the security_5g parameter of the formWifiBasicSet function. |
- risk 0.57cvss 8.8epss 0.01
A vulnerability was determined in Tenda FH1202 1.2.0.14. This affects the function fromWrlclientSet of the file /goform/WrlclientSet of the component httpd. Executing a manipulation of the argument Go can lead to stack-based buffer overflow. The attack may be launched remotely.…
- risk 0.57cvss 8.8epss 0.01
A vulnerability was found in Tenda FH1202 1.2.0.14(408). Affected by this issue is the function WrlExtraSet of the file /goform/WrlExtraSet of the component httpd. Performing a manipulation of the argument Go results in stack-based buffer overflow. The attack may be initiated…
- risk 0.52cvss 8.0epss 0.01
There is a debug-interface vulnerability on some Tenda routers (FH1202/F1202/F1200: versions before 1.2.0.20). After connecting locally to a router in a wired or wireless manner, one can bypass intended access restrictions by sending shell commands directly and reading their…
- risk 0.23cvss 3.5epss 0.00
There is a stack-based buffer overflow on some Tenda routers (FH1202/F1202/F1200: versions before 1.2.0.20). Crafted POST requests to an unspecified URL result in DoS, interrupting the HTTP service (used to login to the web UI of a router) for 1 to 2 seconds.
- risk 0.12cvss 1.9epss 0.00
A vulnerability was determined in Tenda F1202 1.2.0.9/1.2.0.14/1.2.0.20. Impacted is an unknown function of the file /etc_ro/shadow of the component Administrative Interface. This manipulation with the input Fireitup causes hard-coded credentials. The attack can only be executed…
- CVE-2026-3811Mar 9, 2026risk 0.00cvss —epss 0.01
A vulnerability was found in Tenda FH1202 1.2.0.14(408). This impacts the function fromP2pListFilter of the file /goform/P2pListFilter. The manipulation of the argument page results in stack-based buffer overflow. The attack can be executed remotely. The exploit has been made…
- CVE-2026-3810Mar 9, 2026risk 0.00cvss —epss 0.01
A vulnerability has been found in Tenda FH1202 1.2.0.14(408). This affects the function fromDhcpListClient of the file /goform/DhcpListClient. The manipulation of the argument page leads to stack-based buffer overflow. Remote exploitation of the attack is possible. The exploit…
- CVE-2026-3809Mar 9, 2026risk 0.00cvss —epss 0.01
A flaw has been found in Tenda FH1202 1.2.0.14(408). The impacted element is the function fromNatStaticSetting of the file /goform/NatSaticSetting. Executing a manipulation of the argument page can lead to stack-based buffer overflow. The attack may be launched remotely. The…
- CVE-2026-3808Mar 9, 2026risk 0.00cvss —epss 0.03
A vulnerability was detected in Tenda FH1202 1.2.0.14(408). The affected element is the function formWebTypeLibrary of the file /goform/webtypelibrary. Performing a manipulation of the argument webSiteId results in stack-based buffer overflow. The attack may be initiated…
- CVE-2026-3807Mar 9, 2026risk 0.00cvss —epss 0.01
A security vulnerability has been detected in Tenda FH1202 1.2.0.14(408). Impacted is the function formWrlsafeset of the file /goform/AdvSetWrlsafeset. Such manipulation of the argument mit_ssid/mit_ssid_index leads to stack-based buffer overflow. The attack can be launched…
- CVE-2024-32311Apr 17, 2024risk 0.00cvss —epss 0.01
Tenda FH1203 v2.0.1.6 firmware has a stack overflow vulnerability via the adslPwd parameter in the formWanParameterSetting function.
- CVE-2024-32299Apr 17, 2024risk 0.00cvss —epss 0.01
Tenda FH1203 v2.0.1.6 firmware has a stack overflow vulnerability via the PPW parameter in the fromWizardHandle function.
- CVE-2024-32310Apr 17, 2024risk 0.00cvss —epss 0.01
Tenda F1203 V2.0.1.6 firmware has a stack overflow vulnerability located in the PPW parameter of the fromWizardHandle function.
- CVE-2024-32307Apr 17, 2024risk 0.00cvss —epss 0.01
Tenda FH1205 V2.0.0.7(775) firmware has a stack overflow vulnerability located via the PPW parameter in the fromWizardHandle function.
- CVE-2024-30598Mar 28, 2024risk 0.00cvss —epss 0.01
Tenda FH1203 v2.0.1.6 firmware has a stack overflow vulnerability in the security_5g parameter of the formWifiBasicSet function.