CVE-2024-7615 – Tenda FH1206 fromSafeUrlFilter stack-based overflow
https://notcve.org/view.php?id=CVE-2024-7615
A vulnerability was found in Tenda FH1206 1.2.0.8. It has been declared as critical. Affected by this vulnerability is the function fromSafeClientFilter/fromSafeMacFilter/fromSafeUrlFilter. The manipulation leads to stack-based buffer overflow. The attack can be launched remotely. • https://github.com/BeaCox/IoT_vuln/tree/main/tenda/FH1206/Safe_Client_or_Url_or_Mac_Filter_bof https://vuldb.com/?ctiid.273985 https://vuldb.com/?id.273985 https://vuldb.com/?submit.383693 • CWE-121: Stack-based Buffer Overflow •
CVE-2024-7614 – Tenda FH1206 qossetting fromqossetting stack-based overflow
https://notcve.org/view.php?id=CVE-2024-7614
A vulnerability was found in Tenda FH1206 1.2.0.8(8155). It has been classified as critical. Affected is the function fromqossetting of the file /goform/qossetting. The manipulation of the argument page leads to stack-based buffer overflow. It is possible to launch the attack remotely. • https://github.com/BeaCox/IoT_vuln/tree/main/tenda/FH1206/qossetting_bof https://vuldb.com/?ctiid.273984 https://vuldb.com/?id.273984 https://vuldb.com/?submit.383692 • CWE-121: Stack-based Buffer Overflow •
CVE-2024-7613 – Tenda FH1206 GstDhcpSetSer fromGstDhcpSetSer buffer overflow
https://notcve.org/view.php?id=CVE-2024-7613
A vulnerability was found in Tenda FH1206 1.2.0.8(8155) and classified as critical. This issue affects the function fromGstDhcpSetSer of the file /goform/GstDhcpSetSer. The manipulation of the argument dips leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. • https://github.com/BeaCox/IoT_vuln/tree/main/tenda/FH1206/GstDhcpSetSer_bof%26injection https://vuldb.com/?ctiid.273983 https://vuldb.com/?id.273983 https://vuldb.com/?submit.383691 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVE-2024-7585 – Tenda i22 apPortalAuth formApPortalWebAuth buffer overflow
https://notcve.org/view.php?id=CVE-2024-7585
A vulnerability has been found in Tenda i22 1.0.0.3(4687) and classified as critical. Affected by this vulnerability is the function formApPortalWebAuth of the file /goform/apPortalAuth. The manipulation of the argument webUserName/webUserPassword leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. • https://github.com/BeaCox/IoT_vuln/tree/main/tenda/i22/ApPortalWebAuth https://vuldb.com/?ctiid.273865 https://vuldb.com/?id.273865 https://vuldb.com/?submit.382837 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVE-2024-7584 – Tenda i22 apPortalPhoneAuth formApPortalPhoneAuth buffer overflow
https://notcve.org/view.php?id=CVE-2024-7584
A vulnerability, which was classified as critical, was found in Tenda i22 1.0.0.3(4687). Affected is the function formApPortalPhoneAuth of the file /goform/apPortalPhoneAuth. The manipulation of the argument data leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. • https://github.com/BeaCox/IoT_vuln/tree/main/tenda/i22/ApPortalPhoneAuth https://vuldb.com/?ctiid.273864 https://vuldb.com/?id.273864 https://vuldb.com/?submit.382836 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •