Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Fh451_firmware
(Tenda)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 23 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2025-07-19 | CVE-2025-7854 | A vulnerability classified as critical has been found in Tenda FH451 1.0.0.9. Affected is the function fromVirtualSer of the file /goform/VirtualSer. The manipulation of the argument page leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. | Fh451_firmware | 8.8 | ||
| 2025-07-19 | CVE-2025-7855 | A vulnerability classified as critical was found in Tenda FH451 1.0.0.9. Affected by this vulnerability is the function fromqossetting of the file /goform/qossetting. The manipulation of the argument page leads to stack-based buffer overflow. The attack can be launched remotely. | Fh451_firmware | 8.8 | ||
| 2025-07-11 | CVE-2025-7434 | A vulnerability was found in Tenda FH451 up to 1.0.0.9 and classified as critical. Affected by this issue is the function fromAddressNat of the file /goform/addressNat of the component POST Request Handler. The manipulation of the argument page leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. | Fh451_firmware | N/A | ||
| 2025-07-12 | CVE-2025-7505 | A vulnerability classified as critical has been found in Tenda FH451 1.0.0.9. Affected is the function frmL7ProtForm of the file /goform/L7Prot of the component HTTP POST Request Handler. The manipulation of the argument page leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. | Fh451_firmware | N/A | ||
| 2025-07-12 | CVE-2025-7506 | A vulnerability classified as critical was found in Tenda FH451 1.0.0.9. Affected by this vulnerability is the function fromNatlimit of the file /goform/Natlimit of the component HTTP POST Request Handler. The manipulation of the argument page leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. | Fh451_firmware | N/A | ||
| 2025-05-22 | CVE-2025-5080 | A vulnerability classified as critical has been found in Tenda FH451 1.0.0.9. Affected is the function webExcptypemanFilter of the file /goform/webExcptypemanFilter. The manipulation of the argument page leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. | Fh451_firmware | N/A | ||
| 2025-05-07 | CVE-2025-45514 | Tenda FH451 V1.0.0.9 has a stack overflow vulnerability in the function.frmL7ImForm. | Fh451_firmware | N/A | ||
| 2025-05-09 | CVE-2025-45513 | Tenda FH451 V1.0.0.9 has a stack overflow vulnerability in the function.P2pListFilter. | Fh451_firmware | N/A | ||
| 2025-05-12 | CVE-2025-44176 | Tenda FH451 V1.0.0.9 is vulnerable to Remote Code Execution in the formSafeEmailFilter function. | Fh451_firmware | N/A | ||
| 2024-11-30 | CVE-2024-12002 | A vulnerability classified as problematic was found in Tenda FH451, FH1201, FH1202 and FH1206 up to 20241129. Affected by this vulnerability is the function websReadEvent of the file /goform/GetIPTV. The manipulation of the argument Content-Length leads to null pointer dereference. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. | Fh1201_firmware, Fh1202_firmware, Fh1206_firmware, Fh451_firmware | 6.5 |