CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 1CVE-2025-7596 – Tenda FH1205 WifiExtraSet formWifiExtraSet stack-based overflow
https://notcve.org/view.php?id=CVE-2025-7596
14 Jul 2025 — A vulnerability was found in Tenda FH1205 2.0.0.7(775). It has been rated as critical. This issue affects the function formWifiExtraSet of the file /goform/WifiExtraSet. The manipulation of the argument wpapsk_crypto leads to stack-based buffer overflow. The attack may be initiated remotely. • https://github.com/panda666-888/vuls/blob/main/tenda/fh1205/formWifiExtraSet.md • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-121: Stack-based Buffer Overflow •
CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 1CVE-2025-6112 – Tenda FH1205 AdvSetLanip fromadvsetlanip buffer overflow
https://notcve.org/view.php?id=CVE-2025-6112
16 Jun 2025 — A vulnerability, which was classified as critical, has been found in Tenda FH1205 2.0.0.7. This issue affects the function fromadvsetlanip of the file /goform/AdvSetLanip. The manipulation of the argument lanMask leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. • https://lavender-bicycle-a5a.notion.site/Tenda-FH1205-fromadvsetlanip-20b53a41781f80bf850ff39f88ad7f2b?source=copy_link • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 1CVE-2025-6111 – Tenda FH1205 VirtualSer fromVirtualSer stack-based overflow
https://notcve.org/view.php?id=CVE-2025-6111
16 Jun 2025 — A vulnerability classified as critical was found in Tenda FH1205 2.0.0.7(775). This vulnerability affects the function fromVirtualSer of the file /goform/VirtualSer. The manipulation of the argument page leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. • https://lavender-bicycle-a5a.notion.site/Tenda-FH1205-fromVirtualSer-20b53a41781f809180a7d46f12f0417f?source=copy_link • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-121: Stack-based Buffer Overflow •
CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 1CVE-2024-3012 – Tenda FH1205 GetParentControlInfo stack-based overflow
https://notcve.org/view.php?id=CVE-2024-3012
28 Mar 2024 — A vulnerability was found in Tenda FH1205 2.0.0.7(775). It has been declared as critical. This vulnerability affects the function GetParentControlInfo of the file /goform/GetParentControlInfo. The manipulation of the argument mac leads to stack-based buffer overflow. The attack can be initiated remotely. • https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/FH/FH1205/GetParentControlInfo.md • CWE-121: Stack-based Buffer Overflow •
CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 1CVE-2024-3011 – Tenda FH1205 QuickIndex formQuickIndex stack-based overflow
https://notcve.org/view.php?id=CVE-2024-3011
28 Mar 2024 — A vulnerability was found in Tenda FH1205 2.0.0.7(775). It has been classified as critical. This affects the function formQuickIndex of the file /goform/QuickIndex. The manipulation of the argument PPPOEPassword leads to stack-based buffer overflow. It is possible to initiate the attack remotely. • https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/FH/FH1205/formQuickIndex.md • CWE-121: Stack-based Buffer Overflow •
CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 1CVE-2024-3010 – Tenda FH1205 setcfm formSetCfm stack-based overflow
https://notcve.org/view.php?id=CVE-2024-3010
27 Mar 2024 — A vulnerability was found in Tenda FH1205 2.0.0.7(775) and classified as critical. Affected by this issue is the function formSetCfm of the file /goform/setcfm. The manipulation of the argument funcpara1 leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. • https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/FH/FH1205/formSetCfm.md • CWE-121: Stack-based Buffer Overflow •
CVSS: 6.5EPSS: 6%CPEs: 1EXPL: 1CVE-2024-3009 – Tenda FH1205 WriteFacMac formWriteFacMac command injection
https://notcve.org/view.php?id=CVE-2024-3009
27 Mar 2024 — A vulnerability has been found in Tenda FH1205 2.0.0.7(775) and classified as critical. Affected by this vulnerability is the function formWriteFacMac of the file /goform/WriteFacMac. The manipulation of the argument mac leads to command injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. • https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/FH/FH1205/formWriteFacMac.md • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 3CVE-2024-3008 – Tenda FH1205 execCommand formexeCommand stack-based overflow
https://notcve.org/view.php?id=CVE-2024-3008
27 Mar 2024 — A vulnerability, which was classified as critical, was found in Tenda FH1205 2.0.0.7(775). Affected is the function formexeCommand of the file /goform/execCommand. The manipulation of the argument cmdinput leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. • https://github.com/tykawaii98/CVE-2024-30088 • CWE-121: Stack-based Buffer Overflow •
CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 3CVE-2024-3007 – Tenda FH1205 NatStaticSetting fromNatStaticSetting stack-based overflow
https://notcve.org/view.php?id=CVE-2024-3007
27 Mar 2024 — A vulnerability, which was classified as critical, has been found in Tenda FH1205 2.0.0.7(775). This issue affects the function fromNatStaticSetting of the file /goform/NatStaticSetting. The manipulation of the argument page leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. • https://github.com/blkph0x/CVE_2024_30078_POC_WIFI • CWE-121: Stack-based Buffer Overflow •
CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 1CVE-2024-3006 – Tenda FH1205 fromRouteStatic fromSetRouteStatic stack-based overflow
https://notcve.org/view.php?id=CVE-2024-3006
27 Mar 2024 — A vulnerability classified as critical was found in Tenda FH1205 2.0.0.7(775). This vulnerability affects the function fromSetRouteStatic of the file /goform/fromRouteStatic. The manipulation of the argument entrys leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. • https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/FH/FH1205/fromRouteStatic.md • CWE-121: Stack-based Buffer Overflow •