Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Fh1201_firmware
(Tenda)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 13 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2025-06-16 | CVE-2025-6110 | A vulnerability classified as critical has been found in Tenda FH1201 1.2.0.14(408). This affects an unknown part of the file /goform/SafeMacFilter. The manipulation of the argument page leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. | Fh1201_firmware | 8.8 | ||
| 2024-08-15 | CVE-2024-42952 | Tenda FH1201 v1.2.0.14 (408) was discovered to contain a stack overflow via the page parameter in the fromqossetting function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request. | Fh1201_firmware | 7.5 | ||
| 2024-08-15 | CVE-2024-42947 | An issue in the handler function in /goform/telnet of Tenda FH1201 v1.2.0.14 (408) allows attackers to execute arbitrary commands via a crafted HTTP request. | Fh1201_firmware | 9.8 | ||
| 2024-11-30 | CVE-2024-12002 | A vulnerability classified as problematic was found in Tenda FH451, FH1201, FH1202 and FH1206 up to 20241129. Affected by this vulnerability is the function websReadEvent of the file /goform/GetIPTV. The manipulation of the argument Content-Length leads to null pointer dereference. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. | Fh1201_firmware, Fh1202_firmware, Fh1206_firmware, Fh451_firmware | 6.5 | ||
| 2024-08-15 | CVE-2024-42940 | Tenda FH1201 v1.2.0.14 (408) was discovered to contain a stack overflow via the page parameter in the fromP2pListFilter function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request. | Fh1201_firmware | 7.5 | ||
| 2024-08-15 | CVE-2024-42941 | Tenda FH1201 v1.2.0.14 (408) was discovered to contain a stack overflow via the wanmode parameter in the fromAdvSetWan function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request. | Fh1201_firmware | 7.5 | ||
| 2024-08-15 | CVE-2024-42948 | Tenda FH1201 v1.2.0.14 (408) was discovered to contain a stack overflow via the delno parameter in the fromPptpUserSetting function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request. | Fh1201_firmware | 7.5 | ||
| 2024-08-15 | CVE-2024-42950 | Tenda FH1201 v1.2.0.14 (408) was discovered to contain a stack overflow via the Go parameter in the fromSafeClientFilter function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request. | Fh1201_firmware | 7.5 | ||
| 2024-08-15 | CVE-2024-42943 | Tenda FH1201 v1.2.0.14 (408) was discovered to contain a stack overflow via the PPPOEPassword parameter in the fromAdvSetWan function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request. | Fh1201_firmware | 7.5 | ||
| 2024-08-15 | CVE-2024-42944 | Tenda FH1201 v1.2.0.14 (408) was discovered to contain a stack overflow via the page parameter in the fromNatlimit function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request. | Fh1201_firmware | 7.5 |