Vulnerabilities > Tendacn > Fh1201 Firmware > Critical

DATE CVE VULNERABILITY TITLE RISK
2024-07-25 CVE-2024-41473 OS Command Injection vulnerability in Tendacn Fh1201 Firmware 1.2.0.14
Tenda FH1201 v1.2.0.14 was discovered to contain a command injection vulnerability via the mac parameter at ip/goform/WriteFacMac
network
low complexity
tendacn CWE-78
critical
 9.8
9.8
2024-07-25 CVE-2024-41468 OS Command Injection vulnerability in Tendacn Fh1201 Firmware 1.2.0.14
Tenda FH1201 v1.2.0.14 was discovered to contain a command injection vulnerability via the cmdinput parameter at /goform/exeCommand
network
low complexity
tendacn CWE-78
critical
 9.8
9.8
2024-07-24 CVE-2024-41461 Out-of-bounds Write vulnerability in Tendacn Fh1201 Firmware 1.2.0.14
Tenda FH1201 v1.2.0.14 was discovered to contain a stack-based buffer overflow vulnerability via the list1 parameter at ip/goform/DhcpListClient.
network
low complexity
tendacn CWE-787
critical
 9.8
9.8
2024-07-24 CVE-2024-41460 Out-of-bounds Write vulnerability in Tendacn Fh1201 Firmware 1.2.0.14
Tenda FH1201 v1.2.0.14 was discovered to contain a stack-based buffer overflow vulnerability via the entrys parameter at ip/goform/RouteStatic.
network
low complexity
tendacn CWE-787
critical
 9.8
9.8
2024-07-24 CVE-2024-41459 Out-of-bounds Write vulnerability in Tendacn Fh1201 Firmware 1.2.0.14
Tenda FH1201 v1.2.0.14 was discovered to contain a stack-based buffer overflow vulnerability via the PPPOEPassword parameter at ip/goform/QuickIndex.
network
low complexity
tendacn CWE-787
critical
 9.8
9.8