CVSS: 9.0EPSS: 1%CPEs: 1EXPL: 1CVE-2024-3878 – Tenda F1202 webExcptypemanFilter fromwebExcptypemanFilter stack-based overflow
https://notcve.org/view.php?id=CVE-2024-3878
16 Apr 2024 — A vulnerability, which was classified as critical, has been found in Tenda F1202 1.2.0.20(408). Affected by this issue is the function fromwebExcptypemanFilter of the file /goform/webExcptypemanFilter. The manipulation of the argument page leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. • https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/F/F1202/fromwebExcptypemanFilter.md • CWE-121: Stack-based Buffer Overflow •
CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 1CVE-2024-3877 – Tenda F1202 fromqossetting stack-based overflow
https://notcve.org/view.php?id=CVE-2024-3877
16 Apr 2024 — A vulnerability classified as critical was found in Tenda F1202 1.2.0.20(408). Affected by this vulnerability is the function fromqossetting of the file /goform/fromqossetting. The manipulation of the argument qos leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. • https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/F/F1202/fromqossetting.md • CWE-121: Stack-based Buffer Overflow •
CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 1CVE-2024-3876 – Tenda F1202 VirtualSer fromVirtualSer stack-based overflow
https://notcve.org/view.php?id=CVE-2024-3876
16 Apr 2024 — A vulnerability classified as critical has been found in Tenda F1202 1.2.0.20(408). Affected is the function fromVirtualSer of the file /goform/VirtualSer. The manipulation of the argument page leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. • https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/F/F1202/fromVirtualSer.md • CWE-121: Stack-based Buffer Overflow •
CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 1CVE-2024-3875 – Tenda F1202 Natlimit fromNatlimit stack-based overflow
https://notcve.org/view.php?id=CVE-2024-3875
16 Apr 2024 — A vulnerability was found in Tenda F1202 1.2.0.20(408). It has been rated as critical. This issue affects the function fromNatlimit of the file /goform/Natlimit. The manipulation of the argument page leads to stack-based buffer overflow. The attack may be initiated remotely. • https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/F/F1202/fromNatlimit.md • CWE-121: Stack-based Buffer Overflow •
CVSS: 8.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-30634
https://notcve.org/view.php?id=CVE-2024-30634
29 Mar 2024 — Tenda F1202 v1.2.0.20(408) has a stack overflow vulnerability via the mitInterface parameter in the fromAddressNat function. Tenda F1202 v1.2.0.20(408) tiene una vulnerabilidad de desbordamiento de la región stack de la memoria a través del parámetro mitInterface en la función fromAddressNat. • https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/F/F1202/fromAddressNat_mitInterface.md • CWE-121: Stack-based Buffer Overflow •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-30635
https://notcve.org/view.php?id=CVE-2024-30635
29 Mar 2024 — Tenda F1202 v1.2.0.20(408) has a stack overflow vulnerability located in the funcpara1 parameter in the formSetCfm function. Tenda F1202 v1.2.0.20(408) tiene una vulnerabilidad de desbordamiento de la región stack de la memoria ubicada en el parámetro funcpara1 en la función formSetCfm. • https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/F/F1202/formSetCfm.md • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 8.8EPSS: 4%CPEs: 1EXPL: 0CVE-2024-30637
https://notcve.org/view.php?id=CVE-2024-30637
29 Mar 2024 — Tenda F1202 v1.2.0.20(408) has a command injection vulnerablility in the formWriteFacMac function in the mac parameter. Tenda F1202 v1.2.0.20(408) tiene una vulnerabilidad de inyección de comandos en la función formWriteFacMac en el parámetro mac. • https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/F/F1202/formWriteFacMac.md • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-30638
https://notcve.org/view.php?id=CVE-2024-30638
29 Mar 2024 — Tenda F1202 v1.2.0.20(408) has a stack overflow vulnerability via the entrys parameter in the fromAddressNat function. Tenda F1202 v1.2.0.20(408) tiene una vulnerabilidad de desbordamiento de la región stack de la memoria a través del parámetro de entradas en la función fromAddressNat. • https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/F/F1202/fromAddressNat_entrys.md • CWE-121: Stack-based Buffer Overflow •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-30639
https://notcve.org/view.php?id=CVE-2024-30639
29 Mar 2024 — Tenda F1202 v1.2.0.20(408) has a stack overflow vulnerability in the page parameter of fromAddressNat function. Tenda F1202 v1.2.0.20(408) tiene una vulnerabilidad de desbordamiento de la región stack de la memoria en el parámetro de página de la función fromAddressNat. • https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/F/F1202/fromAddressNat_page.md • CWE-121: Stack-based Buffer Overflow •
CVSS: 10.0EPSS: 0%CPEs: 8EXPL: 1CVE-2023-38932
https://notcve.org/view.php?id=CVE-2023-38932
07 Aug 2023 — Tenda F1202 V1.2.0.9, PA202 V1.1.2.5, PW201A V1.1.2.5 and FH1202 V1.2.0.9 were discovered to contain a stack overflow via the page parameter in the SafeEmailFilter function. • https://github.com/FirmRec/IoT-Vulns/tree/main/tenda/formSafeEmailFilter • CWE-787: Out-of-bounds Write •