CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1CVE-2024-3009 – Tenda FH1205 WriteFacMac formWriteFacMac command injection
https://notcve.org/view.php?id=CVE-2024-3009
A vulnerability has been found in Tenda FH1205 2.0.0.7(775) and classified as critical. Affected by this vulnerability is the function formWriteFacMac of the file /goform/WriteFacMac. The manipulation of the argument mac leads to command injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. • https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/FH/FH1205/formWriteFacMac.md https://vuldb.com/?ctiid.258295 https://vuldb.com/?id.258295 https://vuldb.com/?submit.301488 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 3CVE-2024-3008 – Tenda FH1205 execCommand formexeCommand stack-based overflow
https://notcve.org/view.php?id=CVE-2024-3008
A vulnerability, which was classified as critical, was found in Tenda FH1205 2.0.0.7(775). Affected is the function formexeCommand of the file /goform/execCommand. The manipulation of the argument cmdinput leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. • https://github.com/tykawaii98/CVE-2024-30088 https://github.com/NextGenPentesters/CVE-2024-30088- https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/FH/FH1205/formexeCommand.md https://vuldb.com/?ctiid.258294 https://vuldb.com/?id.258294 https://vuldb.com/?submit.301487 • CWE-121: Stack-based Buffer Overflow •
CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 3CVE-2024-3007 – Tenda FH1205 NatStaticSetting fromNatStaticSetting stack-based overflow
https://notcve.org/view.php?id=CVE-2024-3007
A vulnerability, which was classified as critical, has been found in Tenda FH1205 2.0.0.7(775). This issue affects the function fromNatStaticSetting of the file /goform/NatStaticSetting. The manipulation of the argument page leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. • https://github.com/blkph0x/CVE_2024_30078_POC_WIFI https://github.com/kvx07/CVE_2024_30078_A_POC https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/FH/FH1205/fromNatStaticSetting.md https://vuldb.com/?ctiid.258293 https://vuldb.com/?id.258293 https://vuldb.com/?submit.301486 • CWE-121: Stack-based Buffer Overflow •
CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 1CVE-2024-3006 – Tenda FH1205 fromRouteStatic fromSetRouteStatic stack-based overflow
https://notcve.org/view.php?id=CVE-2024-3006
A vulnerability classified as critical was found in Tenda FH1205 2.0.0.7(775). This vulnerability affects the function fromSetRouteStatic of the file /goform/fromRouteStatic. The manipulation of the argument entrys leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. • https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/FH/FH1205/fromRouteStatic.md https://vuldb.com/?ctiid.258292 https://vuldb.com/?id.258292 https://vuldb.com/?submit.301485 • CWE-121: Stack-based Buffer Overflow •
CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 2CVE-2024-2994 – Tenda FH1203 GetParentControlInfo stack-based overflow
https://notcve.org/view.php?id=CVE-2024-2994
A vulnerability was found in Tenda FH1203 2.0.1.6. It has been declared as critical. Affected by this vulnerability is the function GetParentControlInfo of the file /goform/GetParentControlInfo. The manipulation of the argument mac leads to stack-based buffer overflow. The attack can be launched remotely. • https://github.com/bjrjk/CVE-2024-29943 https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/FH/FH1203/GetParentControlInfo.md https://vuldb.com/?ctiid.258163 https://vuldb.com/?id.258163 https://vuldb.com/?submit.301373 • CWE-121: Stack-based Buffer Overflow •