CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 1CVE-2024-7707 – Tenda FH1206 HTTP POST Request SafeEmailFilter formSafeEmailFilter stack-based overflow
https://notcve.org/view.php?id=CVE-2024-7707
A vulnerability was found in Tenda FH1206 02.03.01.35 and classified as critical. Affected by this issue is the function formSafeEmailFilter of the file /goform/SafeEmailFilter of the component HTTP POST Request Handler. The manipulation of the argument page leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. • https://github.com/VodkaVortex/IoT/blob/main/formSafeEmailFilter.md https://vuldb.com/?ctiid.274190 https://vuldb.com/?id.274190 https://vuldb.com/?submit.385670 • CWE-121: Stack-based Buffer Overflow •
CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 1CVE-2024-7615 – Tenda FH1206 fromSafeUrlFilter stack-based overflow
https://notcve.org/view.php?id=CVE-2024-7615
A vulnerability was found in Tenda FH1206 1.2.0.8. It has been declared as critical. Affected by this vulnerability is the function fromSafeClientFilter/fromSafeMacFilter/fromSafeUrlFilter. The manipulation leads to stack-based buffer overflow. The attack can be launched remotely. • https://github.com/BeaCox/IoT_vuln/tree/main/tenda/FH1206/Safe_Client_or_Url_or_Mac_Filter_bof https://vuldb.com/?ctiid.273985 https://vuldb.com/?id.273985 https://vuldb.com/?submit.383693 • CWE-121: Stack-based Buffer Overflow •
CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 1CVE-2024-7614 – Tenda FH1206 qossetting fromqossetting stack-based overflow
https://notcve.org/view.php?id=CVE-2024-7614
A vulnerability was found in Tenda FH1206 1.2.0.8(8155). It has been classified as critical. Affected is the function fromqossetting of the file /goform/qossetting. The manipulation of the argument page leads to stack-based buffer overflow. It is possible to launch the attack remotely. • https://github.com/BeaCox/IoT_vuln/tree/main/tenda/FH1206/qossetting_bof https://vuldb.com/?ctiid.273984 https://vuldb.com/?id.273984 https://vuldb.com/?submit.383692 • CWE-121: Stack-based Buffer Overflow •
CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 1CVE-2024-7613 – Tenda FH1206 GstDhcpSetSer fromGstDhcpSetSer buffer overflow
https://notcve.org/view.php?id=CVE-2024-7613
A vulnerability was found in Tenda FH1206 1.2.0.8(8155) and classified as critical. This issue affects the function fromGstDhcpSetSer of the file /goform/GstDhcpSetSer. The manipulation of the argument dips leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. • https://github.com/BeaCox/IoT_vuln/tree/main/tenda/FH1206/GstDhcpSetSer_bof%26injection https://vuldb.com/?ctiid.273983 https://vuldb.com/?id.273983 https://vuldb.com/?submit.383691 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 1CVE-2024-7585 – Tenda i22 apPortalAuth formApPortalWebAuth buffer overflow
https://notcve.org/view.php?id=CVE-2024-7585
A vulnerability has been found in Tenda i22 1.0.0.3(4687) and classified as critical. Affected by this vulnerability is the function formApPortalWebAuth of the file /goform/apPortalAuth. The manipulation of the argument webUserName/webUserPassword leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. • https://github.com/BeaCox/IoT_vuln/tree/main/tenda/i22/ApPortalWebAuth https://vuldb.com/?ctiid.273865 https://vuldb.com/?id.273865 https://vuldb.com/?submit.382837 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •