Total
23 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-7807 | 1 Tenda | 2 Fh451, Fh451 Firmware | 2025-07-23 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability, which was classified as critical, has been found in Tenda FH451 1.0.0.9. This issue affects the function fromSafeUrlFilter of the file /goform/SafeUrlFilter. The manipulation of the argument Go/page leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-7806 | 1 Tenda | 2 Fh451, Fh451 Firmware | 2025-07-23 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability classified as critical was found in Tenda FH451 1.0.0.9. This vulnerability affects the function fromSafeClientFilter of the file /goform/SafeClientFilter. The manipulation of the argument Go/page leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-7805 | 1 Tenda | 2 Fh451, Fh451 Firmware | 2025-07-23 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability classified as critical has been found in Tenda FH451 1.0.0.9. This affects the function fromPptpUserSetting of the file /goform/PPTPUserSetting. The manipulation of the argument delno leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-7796 | 1 Tenda | 2 Fh451, Fh451 Firmware | 2025-07-23 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability, which was classified as critical, was found in Tenda FH451 1.0.0.9. This affects the function fromPptpUserAdd of the file /goform/PPTPDClient. The manipulation of the argument Username leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-7795 | 1 Tenda | 2 Fh451, Fh451 Firmware | 2025-07-23 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability, which was classified as critical, has been found in Tenda FH451 1.0.0.9. Affected by this issue is the function fromP2pListFilter of the file /goform/P2pListFilter. The manipulation of the argument page leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-7794 | 1 Tenda | 2 Fh451, Fh451 Firmware | 2025-07-23 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability classified as critical was found in Tenda FH451 1.0.0.9. Affected by this vulnerability is the function fromNatStaticSetting of the file /goform/NatStaticSetting. The manipulation of the argument page leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-7793 | 1 Tenda | 2 Fh451, Fh451 Firmware | 2025-07-23 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability classified as critical has been found in Tenda FH451 1.0.0.9. Affected is the function formWebTypeLibrary of the file /goform/webtypelibrary. The manipulation of the argument webSiteId leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-7792 | 1 Tenda | 2 Fh451, Fh451 Firmware | 2025-07-23 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability was found in Tenda FH451 1.0.0.9. It has been rated as critical. This issue affects the function formSafeEmailFilter of the file /goform/SafeEmailFilter. The manipulation of the argument page leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-7855 | 1 Tenda | 2 Fh451, Fh451 Firmware | 2025-07-23 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability classified as critical was found in Tenda FH451 1.0.0.9. Affected by this vulnerability is the function fromqossetting of the file /goform/qossetting. The manipulation of the argument page leads to stack-based buffer overflow. The attack can be launched remotely. | |||||
| CVE-2025-7854 | 1 Tenda | 2 Fh451, Fh451 Firmware | 2025-07-23 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability classified as critical has been found in Tenda FH451 1.0.0.9. Affected is the function fromVirtualSer of the file /goform/VirtualSer. The manipulation of the argument page leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-7853 | 1 Tenda | 2 Fh451, Fh451 Firmware | 2025-07-23 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability was found in Tenda FH451 1.0.0.9. It has been rated as critical. This issue affects the function fromSetIpBind of the file /goform/SetIpBind. The manipulation of the argument page leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-7747 | 1 Tenda | 2 Fh451, Fh451 Firmware | 2025-07-18 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability classified as critical has been found in Tenda FH451 1.0.0.9. This affects the function fromWizardHandle of the file /goform/WizardHandle of the component POST Request Handler. The manipulation of the argument PPW leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-7434 | 1 Tenda | 2 Fh451, Fh451 Firmware | 2025-07-16 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability was found in Tenda FH451 up to 1.0.0.9 and classified as critical. Affected by this issue is the function fromAddressNat of the file /goform/addressNat of the component POST Request Handler. The manipulation of the argument page leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-7505 | 1 Tenda | 2 Fh451, Fh451 Firmware | 2025-07-15 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability classified as critical has been found in Tenda FH451 1.0.0.9. Affected is the function frmL7ProtForm of the file /goform/L7Prot of the component HTTP POST Request Handler. The manipulation of the argument page leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-7506 | 1 Tenda | 2 Fh451, Fh451 Firmware | 2025-07-15 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability classified as critical was found in Tenda FH451 1.0.0.9. Affected by this vulnerability is the function fromNatlimit of the file /goform/Natlimit of the component HTTP POST Request Handler. The manipulation of the argument page leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-5080 | 1 Tenda | 2 Fh451, Fh451 Firmware | 2025-06-20 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability classified as critical has been found in Tenda FH451 1.0.0.9. Affected is the function webExcptypemanFilter of the file /goform/webExcptypemanFilter. The manipulation of the argument page leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-45514 | 1 Tenda | 2 Fh451, Fh451 Firmware | 2025-05-27 | N/A | 6.5 MEDIUM |
| Tenda FH451 V1.0.0.9 has a stack overflow vulnerability in the function.frmL7ImForm. | |||||
| CVE-2025-45513 | 1 Tenda | 2 Fh451, Fh451 Firmware | 2025-05-24 | N/A | 9.8 CRITICAL |
| Tenda FH451 V1.0.0.9 has a stack overflow vulnerability in the function.P2pListFilter. | |||||
| CVE-2025-44176 | 1 Tenda | 2 Fh451, Fh451 Firmware | 2025-05-23 | N/A | 6.5 MEDIUM |
| Tenda FH451 V1.0.0.9 is vulnerable to Remote Code Execution in the formSafeEmailFilter function. | |||||
| CVE-2024-12002 | 1 Tenda | 8 Fh1201, Fh1201 Firmware, Fh1202 and 5 more | 2024-12-10 | 4.0 MEDIUM | 4.3 MEDIUM |
| A vulnerability classified as problematic was found in Tenda FH451, FH1201, FH1202 and FH1206 up to 20241129. Affected by this vulnerability is the function websReadEvent of the file /goform/GetIPTV. The manipulation of the argument Content-Length leads to null pointer dereference. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. | |||||