Tenda Fh451 Firmware vulnerabilities

28 known vulnerabilities affecting tenda/fh451_firmware.

Total CVEs
28
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
CRITICAL3HIGH22MEDIUM3

Vulnerabilities

Page 2 of 2
CVE-2025-5080HIGHCVSS 8.7v1.0.0.92025-05-22
CVE-2025-5080 [HIGH] CWE-119 CVE-2025-5080: A vulnerability classified as critical has been found in Tenda FH451 1.0.0.9. Affected is the functi A vulnerability classified as critical has been found in Tenda FH451 1.0.0.9. Affected is the function webExcptypemanFilter of the file /goform/webExcptypemanFilter. The manipulation of the argument page leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
nvd
CVE-2025-44176MEDIUMCVSS 6.5v1.0.0.92025-05-12
CVE-2025-44176 [MEDIUM] CWE-77 CVE-2025-44176: Tenda FH451 V1.0.0.9 is vulnerable to Remote Code Execution in the formSafeEmailFilter function. Tenda FH451 V1.0.0.9 is vulnerable to Remote Code Execution in the formSafeEmailFilter function.
nvd
CVE-2025-45513CRITICALCVSS 9.8v1.0.0.92025-05-09
CVE-2025-45513 [CRITICAL] CWE-121 CVE-2025-45513: Tenda FH451 V1.0.0.9 has a stack overflow vulnerability in the function.P2pListFilter. Tenda FH451 V1.0.0.9 has a stack overflow vulnerability in the function.P2pListFilter.
nvd
CVE-2025-45514MEDIUMCVSS 6.5v1.0.0.92025-05-07
CVE-2025-45514 [MEDIUM] CWE-121 CVE-2025-45514: Tenda FH451 V1.0.0.9 has a stack overflow vulnerability in the function.frmL7ImForm. Tenda FH451 V1.0.0.9 has a stack overflow vulnerability in the function.frmL7ImForm.
nvd
CVE-2024-12002MEDIUMCVSS 5.3v1.0.0.5v1.0.0.7+1 more2024-11-30
CVE-2024-12002 [MEDIUM] CWE-404 CVE-2024-12002: A vulnerability classified as problematic was found in Tenda FH451, FH1201, FH1202 and FH1206 up to A vulnerability classified as problematic was found in Tenda FH451, FH1201, FH1202 and FH1206 up to 20241129. Affected by this vulnerability is the function websReadEvent of the file /goform/GetIPTV. The manipulation of the argument Content-Length leads to null pointer dereference. The attack can be launched remotely. The exploit has been disclosed t
nvd
CVE-2024-46048CRITICALCVSS 9.8v1.0.0.92024-09-13
CVE-2024-46048 [CRITICAL] CWE-77 CVE-2024-46048: Tenda FH451 v1.0.0.9 has a command injection vulnerability in the formexeCommand function i Tenda FH451 v1.0.0.9 has a command injection vulnerability in the formexeCommand function i
nvd
CVE-2024-46046CRITICALCVSS 9.8v1.0.0.92024-09-13
CVE-2024-46046 [CRITICAL] CWE-787 CVE-2024-46046: Tenda FH451 v1.0.0.9 has a stack overflow vulnerability located in the RouteStatic function. Tenda FH451 v1.0.0.9 has a stack overflow vulnerability located in the RouteStatic function.
nvd
CVE-2024-46047HIGHCVSS 7.5v1.0.0.92024-09-13
CVE-2024-46047 [HIGH] CWE-787 CVE-2024-46047: Tenda FH451 v1.0.0.9 has a stack overflow vulnerability in the fromDhcpListClient function. Tenda FH451 v1.0.0.9 has a stack overflow vulnerability in the fromDhcpListClient function.
nvd
← Previous2 / 2