Fh1206 Firmware

fh1206_firmware

Vendor: Tenda • 39 CVEs

CVEs (39)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2024-42968 1Tenda 1Fh1206 Firmware Aug 16, 2024 Aug 15, 2024 N/A· v4 7.5 HIGH· v3 N/A· v2 Tenda FH1206 v02.03.01.35 was discovered to contain a stack overflow via the Go parameter in the fromSafeUrlFilter function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST reque...Show more Tenda FH1206 v02.03.01.35 was discovered to contain a stack overflow via the Go parameter in the fromSafeUrlFilter function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.Show less
CVE-2024-7707 1Tenda 1Fh1206 Firmware Aug 22, 2024 Aug 13, 2024 8.7 HIGH· v4 9.8 CRITICAL· v3 9.0 HIGH· v2 A vulnerability was found in Tenda FH1206 02.03.01.35 and classified as critical. Affected by this issue is the function formSafeEmailFilter of the file /goform/SafeEmailFilter of the component HTTP POST Request Handler....Show more A vulnerability was found in Tenda FH1206 02.03.01.35 and classified as critical. Affected by this issue is the function formSafeEmailFilter of the file /goform/SafeEmailFilter of the component HTTP POST Request Handler. The manipulation of the argument page leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.Show less
CVE-2024-7615 1Tenda 1Fh1206 Firmware Aug 21, 2024 Aug 12, 2024 8.7 HIGH· v4 9.8 CRITICAL· v3 9.0 HIGH· v2 A vulnerability was found in Tenda FH1206 1.2.0.8. It has been declared as critical. Affected by this vulnerability is the function fromSafeClientFilter/fromSafeMacFilter/fromSafeUrlFilter. The manipulation leads to stac...Show more A vulnerability was found in Tenda FH1206 1.2.0.8. It has been declared as critical. Affected by this vulnerability is the function fromSafeClientFilter/fromSafeMacFilter/fromSafeUrlFilter. The manipulation leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.Show less
CVE-2024-7614 1Tenda 1Fh1206 Firmware Aug 21, 2024 Aug 12, 2024 8.7 HIGH· v4 9.8 CRITICAL· v3 9.0 HIGH· v2 A vulnerability was found in Tenda FH1206 1.2.0.8(8155). It has been classified as critical. Affected is the function fromqossetting of the file /goform/qossetting. The manipulation of the argument page leads to stack-ba...Show more A vulnerability was found in Tenda FH1206 1.2.0.8(8155). It has been classified as critical. Affected is the function fromqossetting of the file /goform/qossetting. The manipulation of the argument page leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.Show less
CVE-2024-7613 1Tenda 1Fh1206 Firmware Aug 21, 2024 Aug 12, 2024 8.7 HIGH· v4 9.8 CRITICAL· v3 9.0 HIGH· v2 A vulnerability was found in Tenda FH1206 1.2.0.8(8155) and classified as critical. This issue affects the function fromGstDhcpSetSer of the file /goform/GstDhcpSetSer. The manipulation of the argument dips leads to buff...Show more A vulnerability was found in Tenda FH1206 1.2.0.8(8155) and classified as critical. This issue affects the function fromGstDhcpSetSer of the file /goform/GstDhcpSetSer. The manipulation of the argument dips leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.Show less
CVE-2024-35340 1Tenda 1Fh1206 Firmware Apr 9, 2025 May 24, 2024 N/A· v4 8.6 HIGH· v3 N/A· v2 Tenda FH1206 V1.2.0.8(8155) was discovered to contain a command injection vulnerability via the cmdinput parameter at ip/goform/formexeCommand.
CVE-2024-35339 1Tenda 1Fh1206 Firmware Apr 9, 2025 May 24, 2024 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Tenda FH1206 V1.2.0.8(8155) was discovered to contain a command injection vulnerability via the mac parameter at ip/goform/WriteFacMac.
CVE-2024-34946 1Tenda 1Fh1206 Firmware Apr 4, 2025 May 14, 2024 N/A· v4 6.5 MEDIUM· v3 N/A· v2 Tenda FH1206 V1.2.0.8(8155)_EN was discovered to contain a stack-based buffer overflow vulnerability via the page parameter at ip/goform/DhcpListClient.
CVE-2024-34945 1Tenda 1Fh1206 Firmware Apr 4, 2025 May 14, 2024 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Tenda FH1206 V1.2.0.8(8155)_EN was discovered to contain a stack-based buffer overflow vulnerability via the PPW parameter at ip/goform/WizardHandle.
CVE-2024-34944 1Tenda 1Fh1206 Firmware Apr 4, 2025 May 14, 2024 N/A· v4 8.8 HIGH· v3 N/A· v2 Tenda FH1206 V1.2.0.8(8155)_EN was discovered to contain a stack-based buffer overflow vulnerability via the list1 parameter at ip/goform/DhcpListClient.
CVE-2024-34943 1Tenda 1Fh1206 Firmware Apr 4, 2025 May 14, 2024 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Tenda FH1206 V1.2.0.8(8155)_EN was discovered to contain a stack-based buffer overflow vulnerability via the page parameter at ip/goform/NatStaticSetting.
CVE-2024-34942 1Tenda 1Fh1206 Firmware Apr 4, 2025 May 14, 2024 N/A· v4 8.8 HIGH· v3 N/A· v2 Tenda FH1206 V1.2.0.8(8155)_EN was discovered to contain a stack-based buffer overflow vulnerability via the funcpara1 parameter at ip/goform/exeCommand.
CVE-2024-33217 1Tenda 1Fh1206 Firmware Mar 17, 2025 Apr 23, 2024 N/A· v4 7.5 HIGH· v3 N/A· v2 Tenda FH1206 V1.2.0.8(8155)_EN was discovered to contain a stack-based buffer overflow vulnerability via the page parameter in ip/goform/addressNat.
CVE-2024-33215 1Tenda 1Fh1206 Firmware Mar 17, 2025 Apr 23, 2024 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Tenda FH1206 V1.2.0.8(8155)_EN was discovered to contain a stack-based buffer overflow vulnerability via the mitInterface parameter in ip/goform/addressNat.
CVE-2024-33214 1Tenda 1Fh1206 Firmware Mar 17, 2025 Apr 23, 2024 N/A· v4 7.5 HIGH· v3 N/A· v2 Tenda FH1206 V1.2.0.8(8155)_EN was discovered to contain a stack-based buffer overflow vulnerability via the entrys parameter in ip/goform/RouteStatic.
CVE-2024-33213 1Tenda 1Fh1206 Firmware Mar 17, 2025 Apr 23, 2024 N/A· v4 6.5 MEDIUM· v3 N/A· v2 Tenda FH1206 V1.2.0.8(8155)_EN was discovered to contain a stack-based buffer overflow vulnerability via the mitInterface parameter in ip/goform/RouteStatic.
CVE-2024-33212 1Tenda 1Fh1206 Firmware Mar 17, 2025 Apr 23, 2024 N/A· v4 8.8 HIGH· v3 N/A· v2 Tenda FH1206 V1.2.0.8(8155)_EN was discovered to contain a stack-based buffer overflow vulnerability via the funcpara1 parameter in ip/goform/setcfm.
CVE-2024-33211 1Tenda 1Fh1206 Firmware Mar 17, 2025 Apr 23, 2024 N/A· v4 7.3 HIGH· v3 N/A· v2 Tenda FH1206 V1.2.0.8(8155)_EN was discovered to contain a stack-based buffer overflow vulnerability via the PPPOEPassword parameter in ip/goform/QuickIndex.
CVE-2024-4020 1Tenda 1Fh1206 Firmware Mar 6, 2025 Apr 20, 2024 N/A· v4 8.8 HIGH· v3 9.0 HIGH· v2 A vulnerability was found in Tenda FH1206 1.2.0.8(8155) and classified as critical. This issue affects the function fromAddressNat of the file /goform/addressNat. The manipulation of the argument entrys leads to buffer o...Show more A vulnerability was found in Tenda FH1206 1.2.0.8(8155) and classified as critical. This issue affects the function fromAddressNat of the file /goform/addressNat. The manipulation of the argument entrys leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-261671. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.Show less

Previous 12