CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-42980
https://notcve.org/view.php?id=CVE-2024-42980
15 Aug 2024 — Tenda FH1206 v02.03.01.35 was discovered to contain a stack overflow via the page parameter in the frmL7ImForm function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request. • https://github.com/TTTJJJWWW/AHU-IoT-vulnerable/blob/main/Tenda/FH1206/frmL7ImForm.md • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-42981
https://notcve.org/view.php?id=CVE-2024-42981
15 Aug 2024 — Tenda FH1206 v02.03.01.35 was discovered to contain a stack overflow via the delno parameter in the fromPptpUserSetting function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request. • https://github.com/TTTJJJWWW/AHU-IoT-vulnerable/blob/main/Tenda/FH1206/fromPptpUserSetting.md • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-42982
https://notcve.org/view.php?id=CVE-2024-42982
15 Aug 2024 — Tenda FH1206 v02.03.01.35 was discovered to contain a stack overflow via the page parameter in the fromVirtualSer function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request. • https://github.com/TTTJJJWWW/AHU-IoT-vulnerable/blob/main/Tenda/FH1206/fromVirtualSer.md • CWE-121: Stack-based Buffer Overflow •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-42983
https://notcve.org/view.php?id=CVE-2024-42983
15 Aug 2024 — Tenda FH1206 v02.03.01.35 was discovered to contain a stack overflow via the pptpPPW parameter in the fromAdvSetWan function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request. • https://github.com/TTTJJJWWW/AHU-IoT-vulnerable/blob/main/Tenda/FH1206/fromAdvSetWan_pptpPPW.md • CWE-121: Stack-based Buffer Overflow •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-42984
https://notcve.org/view.php?id=CVE-2024-42984
15 Aug 2024 — Tenda FH1206 v02.03.01.35 was discovered to contain a stack overflow via the page parameter in the fromP2pListFilter function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request. • https://github.com/TTTJJJWWW/AHU-IoT-vulnerable/blob/main/Tenda/FH1206/fromP2pListFilter.md • CWE-121: Stack-based Buffer Overflow •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-42985
https://notcve.org/view.php?id=CVE-2024-42985
15 Aug 2024 — Tenda FH1206 v02.03.01.35 was discovered to contain a stack overflow via the page parameter in the fromNatlimit function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request. • https://github.com/TTTJJJWWW/AHU-IoT-vulnerable/blob/main/Tenda/FH1206/fromNatlimit.md • CWE-121: Stack-based Buffer Overflow •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2024-42986
https://notcve.org/view.php?id=CVE-2024-42986
15 Aug 2024 — Tenda FH1206 v02.03.01.35 was discovered to contain a stack overflow via the PPPOEPassword parameter in the fromAdvSetWan function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request. • https://github.com/TTTJJJWWW/AHU-IoT-vulnerable/blob/main/Tenda/FH1206/fromAdvSetWan_PPPOEPassword.md • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-42987
https://notcve.org/view.php?id=CVE-2024-42987
15 Aug 2024 — Tenda FH1206 v02.03.01.35 was discovered to contain a stack overflow via the modino parameter in the fromPptpUserAdd function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request. • https://github.com/TTTJJJWWW/AHU-IoT-vulnerable/blob/main/Tenda/FH1206/fromPptpUserAdd.md • CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-42978
https://notcve.org/view.php?id=CVE-2024-42978
15 Aug 2024 — An issue in the handler function in /goform/telnet of Tenda FH1206 v02.03.01.35 allows attackers to execute arbitrary commands via a crafted HTTP request. • https://github.com/TTTJJJWWW/AHU-IoT-vulnerable/blob/main/Tenda/FH1206/telnet.md •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-33211
https://notcve.org/view.php?id=CVE-2024-33211
23 Apr 2024 — Tenda FH1206 V1.2.0.8(8155)_EN was discovered to contain a stack-based buffer overflow vulnerability via the PPPOEPassword parameter in ip/goform/QuickIndex. Se descubrió que Tenda FH1206 V1.2.0.8(8155)_EN contiene una vulnerabilidad de desbordamiento de búfer en la región stack de la memoria a través del parámetro PPPOEPassword en ip/goform/QuickIndex. • https://palm-vertebra-fe9.notion.site/formQuickIndex-e1f24466830f4cb4a7756d6997f411b4 • CWE-121: Stack-based Buffer Overflow •