Tenda Fh1202 Firmware vulnerabilities

61 known vulnerabilities affecting tenda/fh1202_firmware.

Total CVEs

CISA KEV

Public exploits

Exploited in wild

Severity breakdown

CRITICAL19HIGH23MEDIUM19

Vulnerabilities

Page 2 of 4

CVE-2025-2992MEDIUMCVSS 6.9v1.2.0.14\(408\)2025-03-31

CVE-2025-2992 [MEDIUM] CWE-266 CVE-2025-2992: A vulnerability classified as critical was found in Tenda FH1202 1.2.0.14(408). Affected by this vul A vulnerability classified as critical was found in Tenda FH1202 1.2.0.14(408). Affected by this vulnerability is an unknown functionality of the file /goform/AdvSetWrlsafeset of the component Web Management Interface. The manipulation leads to improper access controls. The attack can be launched remotely. The exploit has been disclosed to the public

nvd

CVE-2025-2996MEDIUMCVSS 6.9v1.2.0.14\(408\)2025-03-31

CVE-2025-2996 [MEDIUM] CWE-266 CVE-2025-2996: A vulnerability was found in Tenda FH1202 1.2.0.14(408) and classified as critical. This issue affec A vulnerability was found in Tenda FH1202 1.2.0.14(408) and classified as critical. This issue affects some unknown processing of the file /goform/SysToolDDNS of the component Web Management Interface. The manipulation leads to improper access controls. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

nvd

CVE-2024-12002MEDIUMCVSS 5.3v1.2.0.9v1.2.0.14\(408\)+1 more2024-11-30

CVE-2024-12002 [MEDIUM] CWE-404 CVE-2024-12002: A vulnerability classified as problematic was found in Tenda FH451, FH1201, FH1202 and FH1206 up to A vulnerability classified as problematic was found in Tenda FH451, FH1201, FH1202 and FH1206 up to 20241129. Affected by this vulnerability is the function websReadEvent of the file /goform/GetIPTV. The manipulation of the argument Content-Length leads to null pointer dereference. The attack can be launched remotely. The exploit has been disclosed t

nvd

CVE-2024-32302MEDIUMCVSS 6.3v1.2.0.14\(408\)2024-04-17

CVE-2024-32302 [MEDIUM] CWE-787 CVE-2024-32302: Tenda FH1202 v1.2.0.14(408) firmware has a stack overflow vulnerability via the PPW parameter in the Tenda FH1202 v1.2.0.14(408) firmware has a stack overflow vulnerability via the PPW parameter in the fromWizardHandle function.

nvd

CVE-2024-32315MEDIUMCVSS 4.7v1.2.0.14\(408\)2024-04-17

CVE-2024-32315 [MEDIUM] CWE-787 CVE-2024-32315: Tenda FH1202 v1.2.0.14(408) firmware has a stack overflow vulnerability via the adslPwd parameter in Tenda FH1202 v1.2.0.14(408) firmware has a stack overflow vulnerability via the adslPwd parameter in the formWanParameterSetting function.

nvd

CVE-2024-32282MEDIUMCVSS 6.3v1.2.0.14\(408\)2024-04-17

CVE-2024-32282 [MEDIUM] CWE-77 CVE-2024-32282: Tenda FH1202 v1.2.0.14(408) firmware contains a command injection vulnerablility in the formexeComma Tenda FH1202 v1.2.0.14(408) firmware contains a command injection vulnerablility in the formexeCommand function via the cmdinput parameter.

nvd

CVE-2024-30584CRITICALCVSS 9.8v1.2.0.14\(408\)2024-03-28

CVE-2024-30584 [CRITICAL] CWE-120 CVE-2024-30584: Tenda FH1202 v1.2.0.14(408) has a stack overflow vulnerability in the security parameter of the form Tenda FH1202 v1.2.0.14(408) has a stack overflow vulnerability in the security parameter of the formWifiBasicSet function.

nvd

CVE-2024-30589CRITICALCVSS 9.8v1.2.0.14\(408\)2024-03-28

CVE-2024-30589 [CRITICAL] CWE-121 CVE-2024-30589: Tenda FH1202 v1.2.0.14(408) firmware has a stack overflow vulnerability in the entrys parameter of t Tenda FH1202 v1.2.0.14(408) firmware has a stack overflow vulnerability in the entrys parameter of the fromAddressNat function.

nvd

CVE-2024-30596CRITICALCVSS 9.8v1.2.0.14\(408\)2024-03-28

CVE-2024-30596 [CRITICAL] CWE-125 CVE-2024-30596: Tenda FH1202 v1.2.0.14(408) has a stack overflow vulnerability in the deviceId parameter of the form Tenda FH1202 v1.2.0.14(408) has a stack overflow vulnerability in the deviceId parameter of the formSetDeviceName function.

nvd

CVE-2024-30595CRITICALCVSS 9.8v1.2.0.14\(408\)2024-03-28

CVE-2024-30595 [CRITICAL] CWE-121 CVE-2024-30595: Tenda FH1202 v1.2.0.14(408) has a stack overflow vulnerability in the deviceId parameter of the addW Tenda FH1202 v1.2.0.14(408) has a stack overflow vulnerability in the deviceId parameter of the addWifiMacFilter function.

nvd

CVE-2024-30587CRITICALCVSS 9.8v1.2.0.14\(408\)2024-03-28

CVE-2024-30587 [CRITICAL] CWE-125 CVE-2024-30587: Tenda FH1202 v1.2.0.14(408) has a stack overflow vulnerability in the urls parameter of the savePare Tenda FH1202 v1.2.0.14(408) has a stack overflow vulnerability in the urls parameter of the saveParentControlInfo function.

nvd

CVE-2024-30593CRITICALCVSS 9.8v1.2.0.14\(408\)2024-03-28

CVE-2024-30593 [CRITICAL] CWE-120 CVE-2024-30593: Tenda FH1202 v1.2.0.14(408) has a stack overflow vulnerability located in the deviceName parameter o Tenda FH1202 v1.2.0.14(408) has a stack overflow vulnerability located in the deviceName parameter of the formSetDeviceName function.

nvd

CVE-2024-30591HIGHCVSS 8.8v1.2.0.14\(408\)2024-03-28

CVE-2024-30591 [HIGH] CWE-121 CVE-2024-30591: Tenda FH1202 v1.2.0.14(408) has a stack overflow vulnerability in the time parameter of the savePare Tenda FH1202 v1.2.0.14(408) has a stack overflow vulnerability in the time parameter of the saveParentControlInfo function.

nvd

CVE-2024-30592HIGHCVSS 8.0v1.2.0.14\(408\)2024-03-28

CVE-2024-30592 [HIGH] CWE-121 CVE-2024-30592: Tenda FH1202 v1.2.0.14(408) has a stack overflow vulnerability in the page parameter of the fromAddr Tenda FH1202 v1.2.0.14(408) has a stack overflow vulnerability in the page parameter of the fromAddressNat function.

nvd

CVE-2024-30583HIGHCVSS 8.0v1.2.0.14\(408\)2024-03-28

CVE-2024-30583 [HIGH] CWE-121 CVE-2024-30583: Tenda FH1202 v1.2.0.14(408) has a stack overflow vulnerability in the mitInterface parameter of the Tenda FH1202 v1.2.0.14(408) has a stack overflow vulnerability in the mitInterface parameter of the fromAddressNat function.

nvd

CVE-2024-30588MEDIUMCVSS 4.3v1.2.0.14\(408\)2024-03-28

CVE-2024-30588 [MEDIUM] CWE-121 CVE-2024-30588: Tenda FH1202 v1.2.0.14(408) has a stack overflow vulnerability in the schedStartTime parameter of th Tenda FH1202 v1.2.0.14(408) has a stack overflow vulnerability in the schedStartTime parameter of the setSchedWifi function.

nvd

CVE-2024-30594MEDIUMCVSS 6.5v1.2.0.14\(408\)2024-03-28

CVE-2024-30594 [MEDIUM] CWE-121 CVE-2024-30594: Tenda FH1202 v1.2.0.14(408) has a stack overflow vulnerability in the deviceMac parameter of the add Tenda FH1202 v1.2.0.14(408) has a stack overflow vulnerability in the deviceMac parameter of the addWifiMacFilter function.

nvd

CVE-2024-30585MEDIUMCVSS 6.5v1.2.0.14\(408\)2024-03-28

CVE-2024-30585 [MEDIUM] CWE-121 CVE-2024-30585: Tenda FH1202 v1.2.0.14(408) has a stack overflow vulnerability in the deviceId parameter of the save Tenda FH1202 v1.2.0.14(408) has a stack overflow vulnerability in the deviceId parameter of the saveParentControlInfo function.

nvd

CVE-2024-30586MEDIUMCVSS 6.5v1.2.0.14\(408\)2024-03-28

CVE-2024-30586 [MEDIUM] CWE-121 CVE-2024-30586: Tenda FH1202 v1.2.0.14(408) has a stack overflow vulnerability in the security_5g parameter of the f Tenda FH1202 v1.2.0.14(408) has a stack overflow vulnerability in the security_5g parameter of the formWifiBasicSet function.

nvd

CVE-2024-30590MEDIUMCVSS 6.5v1.2.0.14\(408\)2024-03-28

CVE-2024-30590 [MEDIUM] CWE-121 CVE-2024-30590: Tenda FH1202 v1.2.0.14(408) has a stack overflow vulnerability in the schedEndTime parameter of the Tenda FH1202 v1.2.0.14(408) has a stack overflow vulnerability in the schedEndTime parameter of the setSchedWifi function.

nvd

← Previous2 / 4Next →