CVE-2024-12002
published 2024-11-30CVE-2024-12002: A vulnerability classified as problematic was found in Tenda FH451, FH1201, FH1202 and FH1206 up to 20241129. Affected by this vulnerability is the function…
medium5.3CVSS 4.0
AVNACLATNPRLUINVCNVINVALSCNSINSANEXCRXIRXARXMAVXMACXMATXMPRXMUIXMVCXMVIXMVAXMSCXMSIXMSAXSXAUXRXVXREXUX
A vulnerability classified as problematic was found in Tenda FH451, FH1201, FH1202 and FH1206 up to 20241129. Affected by this vulnerability is the function websReadEvent of the file /goform/GetIPTV. The manipulation of the argument Content-Length leads to null pointer dereference. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
Affected
13 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| tenda | fh1201 | — | — |
| tenda | fh1201_firmware | — | — |
| tenda | fh1201_firmware | — | — |
| tenda | fh1202 | — | — |
| tenda | fh1202_firmware | — | — |
| tenda | fh1202_firmware | — | — |
| tenda | fh1202_firmware | — | — |
| tenda | fh1206 | — | — |
| tenda | fh1206_firmware | — | — |
| tenda | fh451 | — | — |
| tenda | fh451_firmware | — | — |
| tenda | fh451_firmware | — | — |
| tenda | fh451_firmware | — | — |