CVSS: 9.8EPSS: 0%CPEs: 10EXPL: 1CVE-2023-37719
https://notcve.org/view.php?id=CVE-2023-37719
Tenda F1202 V1.0BR_V1.2.0.20(408), FH1202_V1.2.0.19_EN were discovered to contain a stack overflow in the page parameter in the function fromP2pListFilter. • https://github.com/FirmRec/IoT-Vulns/blob/main/tenda/fromP2pListFilter/report.md • CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 0%CPEs: 12EXPL: 1CVE-2023-37721
https://notcve.org/view.php?id=CVE-2023-37721
Tenda F1202 V1.0BR_V1.2.0.20(408), FH1202_V1.2.0.19_EN were discovered to contain a stack overflow in the page parameter in the function fromSafeMacFilter. • https://github.com/FirmRec/IoT-Vulns/blob/main/tenda/fromSafeMacFilter/report.md • CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 0%CPEs: 8EXPL: 1CVE-2023-37722
https://notcve.org/view.php?id=CVE-2023-37722
Tenda F1202 V1.0BR_V1.2.0.20(408), FH1202_V1.2.0.19_EN were discovered to contain a stack overflow in the page parameter in the function fromSafeUrlFilter. • https://github.com/FirmRec/IoT-Vulns/blob/main/tenda/fromSafeUrlFilter/report.md • CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 0%CPEs: 12EXPL: 1CVE-2023-37723
https://notcve.org/view.php?id=CVE-2023-37723
Tenda F1202 V1.0BR_V1.2.0.20(408), FH1202_V1.2.0.19_EN were discovered to contain a stack overflow in the page parameter in the function fromqossetting. • https://github.com/FirmRec/IoT-Vulns/blob/main/tenda/fromqossetting/report.md • CWE-787: Out-of-bounds Write •
CVSS: 8.0EPSS: 0%CPEs: 6EXPL: 0CVE-2017-9138
https://notcve.org/view.php?id=CVE-2017-9138
There is a debug-interface vulnerability on some Tenda routers (FH1202/F1202/F1200: versions before 1.2.0.20). After connecting locally to a router in a wired or wireless manner, one can bypass intended access restrictions by sending shell commands directly and reading their results, or by entering shell commands that change this router's username and password. Hay una vulnerabilidad de la interfaz de depuración en algunos routers Tenda (FH1202/F1202/F1200: versiones anteriores a 1.2.0.20). Después de conectarse localmente a un router de una manera cableada o inalámbrica, uno puede omitir las restricciones de acceso previstas mediante el envío de comandos de shell directamente y leyendo sus resultados, o por el ingreso de comandos de shell que cambian el nombre de usuario y contraseña de este router. • http://www.tendacn.com/en/2017.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •