Fh1206 Firmware

fh1206_firmware

Vendor: Tenda • 39 CVEs

CVEs (39)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2025-14994 1Tenda 2Fh1201 Firmware Fh1206 Firmware Dec 31, 2025 Dec 21, 2025 7.4 HIGH· v4 8.8 HIGH· v3 9.0 HIGH· v2 A flaw has been found in Tenda FH1201 and FH1206 1.2.0.14(408)/1.2.0.8(8155). This impacts the function strcat of the file /goform/webtypelibrary of the component HTTP Request Handler. This manipulation of the argument w...Show more A flaw has been found in Tenda FH1201 and FH1206 1.2.0.14(408)/1.2.0.8(8155). This impacts the function strcat of the file /goform/webtypelibrary of the component HTTP Request Handler. This manipulation of the argument webSiteId causes stack-based buffer overflow. The attack is possible to be carried out remotely. The exploit has been published and may be used.Show less
CVE-2024-12002 1Tenda 4Fh1201 Firmware Fh1202 FirmwareFh1206 Firmware+1 more Dec 10, 2024 Nov 30, 2024 5.3 MEDIUM· v4 6.5 MEDIUM· v3 4.0 MEDIUM· v2 A vulnerability classified as problematic was found in Tenda FH451, FH1201, FH1202 and FH1206 up to 20241129. Affected by this vulnerability is the function websReadEvent of the file /goform/GetIPTV. The manipulation of...Show more A vulnerability classified as problematic was found in Tenda FH451, FH1201, FH1202 and FH1206 up to 20241129. Affected by this vulnerability is the function websReadEvent of the file /goform/GetIPTV. The manipulation of the argument Content-Length leads to null pointer dereference. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.Show less
CVE-2024-44390 1Tenda 1Fh1206 Firmware Dec 13, 2024 Aug 23, 2024 N/A· v4 8.8 HIGH· v3 N/A· v2 Tenda FH1206 V1.2.0.8(8155)_EN contains a Buffer Overflow vulnerability via the function formWrlsafeset.
CVE-2024-44387 1Tenda 1Fh1206 Firmware Dec 13, 2024 Aug 23, 2024 N/A· v4 6.5 MEDIUM· v3 N/A· v2 Tenda FH1206 V1.2.0.8(8155)_EN contains a Buffer Overflow vulnerability via the functino formWrlExtraGet.
CVE-2024-44386 1Tenda 1Fh1206 Firmware Apr 4, 2025 Aug 23, 2024 N/A· v4 7.3 HIGH· v3 N/A· v2 Tenda FH1206 V1.2.0.8(8155)_EN contains a Buffer Overflow vulnerability via the function fromSetIpBind.
CVE-2024-42987 1Tenda 1Fh1206 Firmware Sep 2, 2025 Aug 15, 2024 N/A· v4 7.5 HIGH· v3 N/A· v2 Tenda FH1206 v02.03.01.35 was discovered to contain a stack-based buffer overflow vulnerability in the fromPptpUserAdd function. The vulnerability can be triggered via the modino, username, newpwd, or pptpdnetseg paramet...Show more Tenda FH1206 v02.03.01.35 was discovered to contain a stack-based buffer overflow vulnerability in the fromPptpUserAdd function. The vulnerability can be triggered via the modino, username, newpwd, or pptpdnetseg parameters, all of which are passed via HTTP POST and used in unsafe sprintf calls without proper length validation. A remote attacker can exploit this flaw through a crafted POST request, which may cause a Denial of Service (DoS). In certain scenarios, this issue could potentially be leveraged to achieve remote code execution.Show less
CVE-2024-42986 1Tenda 1Fh1206 Firmware Oct 24, 2024 Aug 15, 2024 N/A· v4 7.5 HIGH· v3 N/A· v2 Tenda FH1206 v02.03.01.35 was discovered to contain a stack overflow via the PPPOEPassword parameter in the fromAdvSetWan function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POS...Show more Tenda FH1206 v02.03.01.35 was discovered to contain a stack overflow via the PPPOEPassword parameter in the fromAdvSetWan function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.Show less
CVE-2024-42985 1Tenda 1Fh1206 Firmware Aug 16, 2024 Aug 15, 2024 N/A· v4 7.5 HIGH· v3 N/A· v2 Tenda FH1206 v02.03.01.35 was discovered to contain a stack overflow via the page parameter in the fromNatlimit function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.
CVE-2024-42984 1Tenda 1Fh1206 Firmware Aug 16, 2024 Aug 15, 2024 N/A· v4 7.5 HIGH· v3 N/A· v2 Tenda FH1206 v02.03.01.35 was discovered to contain a stack overflow via the page parameter in the fromP2pListFilter function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST req...Show more Tenda FH1206 v02.03.01.35 was discovered to contain a stack overflow via the page parameter in the fromP2pListFilter function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.Show less
CVE-2024-42983 1Tenda 1Fh1206 Firmware Aug 16, 2024 Aug 15, 2024 N/A· v4 7.5 HIGH· v3 N/A· v2 Tenda FH1206 v02.03.01.35 was discovered to contain a stack overflow via the pptpPPW parameter in the fromAdvSetWan function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST requ...Show more Tenda FH1206 v02.03.01.35 was discovered to contain a stack overflow via the pptpPPW parameter in the fromAdvSetWan function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.Show less
CVE-2024-42982 1Tenda 1Fh1206 Firmware Aug 16, 2024 Aug 15, 2024 N/A· v4 7.5 HIGH· v3 N/A· v2 Tenda FH1206 v02.03.01.35 was discovered to contain a stack overflow via the page parameter in the fromVirtualSer function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST reques...Show more Tenda FH1206 v02.03.01.35 was discovered to contain a stack overflow via the page parameter in the fromVirtualSer function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.Show less
CVE-2024-42981 1Tenda 1Fh1206 Firmware Aug 16, 2024 Aug 15, 2024 N/A· v4 7.5 HIGH· v3 N/A· v2 Tenda FH1206 v02.03.01.35 was discovered to contain a stack overflow via the delno parameter in the fromPptpUserSetting function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST...Show more Tenda FH1206 v02.03.01.35 was discovered to contain a stack overflow via the delno parameter in the fromPptpUserSetting function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.Show less
CVE-2024-42980 1Tenda 1Fh1206 Firmware Aug 16, 2024 Aug 15, 2024 N/A· v4 7.5 HIGH· v3 N/A· v2 Tenda FH1206 v02.03.01.35 was discovered to contain a stack overflow via the page parameter in the frmL7ImForm function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.
CVE-2024-42979 1Tenda 1Fh1206 Firmware Aug 16, 2024 Aug 15, 2024 N/A· v4 7.5 HIGH· v3 N/A· v2 Tenda FH1206 v02.03.01.35 was discovered to contain a stack overflow via the page parameter in the frmL7ProtForm function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request...Show more Tenda FH1206 v02.03.01.35 was discovered to contain a stack overflow via the page parameter in the frmL7ProtForm function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.Show less
CVE-2024-42978 1Tenda 1Fh1206 Firmware Mar 25, 2025 Aug 15, 2024 N/A· v4 9.8 CRITICAL· v3 N/A· v2 An issue in the handler function in /goform/telnet of Tenda FH1206 v02.03.01.35 allows attackers to execute arbitrary commands via a crafted HTTP request.
CVE-2024-42977 1Tenda 1Fh1206 Firmware Oct 24, 2024 Aug 15, 2024 N/A· v4 7.5 HIGH· v3 N/A· v2 Tenda FH1206 v02.03.01.35 was discovered to contain a stack overflow via the qos parameter in the fromqossetting function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request...Show more Tenda FH1206 v02.03.01.35 was discovered to contain a stack overflow via the qos parameter in the fromqossetting function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.Show less
CVE-2024-42976 1Tenda 1Fh1206 Firmware Aug 16, 2024 Aug 15, 2024 N/A· v4 7.5 HIGH· v3 N/A· v2 Tenda FH1206 v02.03.01.35 was discovered to contain a stack overflow via the page parameter in the fromSafeClientFilter function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST...Show more Tenda FH1206 v02.03.01.35 was discovered to contain a stack overflow via the page parameter in the fromSafeClientFilter function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.Show less
CVE-2024-42974 1Tenda 1Fh1206 Firmware Aug 16, 2024 Aug 15, 2024 N/A· v4 7.5 HIGH· v3 N/A· v2 Tenda FH1206 v02.03.01.35 was discovered to contain a stack overflow via the page parameter in the fromwebExcptypemanFilter function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted P...Show more Tenda FH1206 v02.03.01.35 was discovered to contain a stack overflow via the page parameter in the fromwebExcptypemanFilter function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.Show less
CVE-2024-42973 1Tenda 1Fh1206 Firmware Aug 16, 2024 Aug 15, 2024 N/A· v4 7.5 HIGH· v3 N/A· v2 Tenda FH1206 v02.03.01.35 was discovered to contain a stack overflow via the page parameter in the fromSetlpBind function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request...Show more Tenda FH1206 v02.03.01.35 was discovered to contain a stack overflow via the page parameter in the fromSetlpBind function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.Show less
CVE-2024-42969 1Tenda 1Fh1206 Firmware Aug 16, 2024 Aug 15, 2024 N/A· v4 7.5 HIGH· v3 N/A· v2 Tenda FH1206 v02.03.01.35 was discovered to contain a stack overflow via the page parameter in the fromSafeUrlFilter function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST req...Show more Tenda FH1206 v02.03.01.35 was discovered to contain a stack overflow via the page parameter in the fromSafeUrlFilter function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.Show less

12 Next