5 results (0.007 seconds)

CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 1

A vulnerability was found in Tenda FH1206 02.03.01.35 and classified as critical. Affected by this issue is the function formSafeEmailFilter of the file /goform/SafeEmailFilter of the component HTTP POST Request Handler. The manipulation of the argument page leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. • https://github.com/VodkaVortex/IoT/blob/main/formSafeEmailFilter.md https://vuldb.com/?ctiid.274190 https://vuldb.com/?id.274190 https://vuldb.com/?submit.385670 • CWE-121: Stack-based Buffer Overflow •

CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 1

A vulnerability was found in Tenda FH1206 1.2.0.8. It has been declared as critical. Affected by this vulnerability is the function fromSafeClientFilter/fromSafeMacFilter/fromSafeUrlFilter. The manipulation leads to stack-based buffer overflow. The attack can be launched remotely. • https://github.com/BeaCox/IoT_vuln/tree/main/tenda/FH1206/Safe_Client_or_Url_or_Mac_Filter_bof https://vuldb.com/?ctiid.273985 https://vuldb.com/?id.273985 https://vuldb.com/?submit.383693 • CWE-121: Stack-based Buffer Overflow •

CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 1

A vulnerability was found in Tenda FH1206 1.2.0.8(8155). It has been classified as critical. Affected is the function fromqossetting of the file /goform/qossetting. The manipulation of the argument page leads to stack-based buffer overflow. It is possible to launch the attack remotely. • https://github.com/BeaCox/IoT_vuln/tree/main/tenda/FH1206/qossetting_bof https://vuldb.com/?ctiid.273984 https://vuldb.com/?id.273984 https://vuldb.com/?submit.383692 • CWE-121: Stack-based Buffer Overflow •

CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 1

A vulnerability was found in Tenda FH1206 1.2.0.8(8155) and classified as critical. This issue affects the function fromGstDhcpSetSer of the file /goform/GstDhcpSetSer. The manipulation of the argument dips leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. • https://github.com/BeaCox/IoT_vuln/tree/main/tenda/FH1206/GstDhcpSetSer_bof%26injection https://vuldb.com/?ctiid.273983 https://vuldb.com/?id.273983 https://vuldb.com/?submit.383691 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •

CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 1

A vulnerability was found in Tenda FH1206 1.2.0.8(8155) and classified as critical. This issue affects the function fromAddressNat of the file /goform/addressNat. The manipulation of the argument entrys leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. • https://palm-vertebra-fe9.notion.site/fromAddressNat_entrys-b04d5356e5f04e30b37cb9037b94e1b2 https://vuldb.com/?ctiid.261671 https://vuldb.com/?id.261671 https://vuldb.com/?submit.316036 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •