cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2024-2993,https://securityvulnerability.io/vulnerability/CVE-2024-2993,Tenda FH1203 QuickIndex formQuickIndex stack-based overflow,"A vulnerability in the Tenda FH1203 router, specifically in version 2.0.1.6, is identified within the formQuickIndex function located in the /goform/QuickIndex file. The issue arises from improper handling of the PPPOEPassword argument, which can lead to a stack-based buffer overflow. This vulnerability allows for remote exploitation, enabling attackers to potentially take control of the affected device. Despite the significant risk posed by this flaw, the vendor has not provided a response following early disclosure attempts regarding this vulnerability.",Tenda,Fh1203,8.8,HIGH,0.009340000338852406,false,,false,false,true,2024-03-27T20:15:00.000Z,true,false,false,,2024-03-27T20:15:00.000Z,0
CVE-2024-2994,https://securityvulnerability.io/vulnerability/CVE-2024-2994,Tenda FH1203 GetParentControlInfo stack-based overflow,"A vulnerability has been identified in the Tenda FH1203 router, specifically within the GetParentControlInfo function. This issue arises from improper input handling of the 'mac' argument, leading to a stack-based buffer overflow. Attackers can exploit this vulnerability remotely, potentially gaining unauthorized access and control over the device. The vulnerability has been publicly disclosed, and the vendor has yet to respond to the report, raising concerns for users regarding the security of their devices. Any exploitation of this flaw could result in significant security implications for the affected systems.",Tenda,Fh1203,8.8,HIGH,0.009340000338852406,false,,false,false,true,2024-03-27T20:15:00.000Z,true,false,false,,2024-03-27T20:15:00.000Z,0
CVE-2024-2991,https://securityvulnerability.io/vulnerability/CVE-2024-2991,Tenda FH1203 WriteFacMac formWriteFacMac command injection,"A command injection vulnerability exists in the Tenda FH1203 router, specifically in the formWriteFacMac function. This vulnerability allows an attacker to manipulate the MAC address input, leading to unauthorized command execution on the device. The vulnerability can be exploited remotely, posing significant security risks. Although the vendor has been informed about this flaw, there has been no response. This oversight increases the urgency for users to secure their devices against potential exploits.",Tenda,Fh1203,8.8,HIGH,0.007170000113546848,false,,false,false,true,2024-03-27T19:15:00.000Z,true,false,false,,2024-03-27T19:15:00.000Z,0
CVE-2024-2990,https://securityvulnerability.io/vulnerability/CVE-2024-2990,Stack-Based Buffer Overflow in Tenda FH1203 Router,"A stack-based buffer overflow vulnerability has been identified in the Tenda FH1203 router that arises from improper handling of user-supplied input within the execCommand function found in the /goform/execCommand file. This flaw allows attackers to craft malicious commands that, when executed, could lead to arbitrary code execution on the device. The vulnerability can be exploited remotely without requiring physical access, thereby posing a significant security risk. Despite attempts to notify the vendor prior to its public disclosure, no response has been received, leaving users potentially vulnerable to attacks that could compromise their network.",Tenda,Fh1203 Firmware,8.8,HIGH,0.009340000338852406,false,,false,false,false,,,false,false,,2024-03-27T19:15:00.000Z,0
CVE-2024-2988,https://securityvulnerability.io/vulnerability/CVE-2024-2988,Buffer Overflow Vulnerability in Tenda FH1203 Router,"A stack-based buffer overflow vulnerability exists in the Tenda FH1203 router version 2.0.1.6, specifically within the `fromSetRouteStatic` function of the `/goform/fromRouteStatic` script. This issue arises due to improper handling of the `entrys` argument, allowing an attacker to manipulate it from a remote location, potentially leading to arbitrary code execution. The exploit has been publicly disclosed, raising significant security concerns for users of this device. Despite early notification, Tenda has not responded to this critical security issue.",Tenda,Fh1203 Firmware,8.8,HIGH,0.009340000338852406,false,,false,false,false,,,false,false,,2024-03-27T18:15:00.000Z,0
CVE-2024-2989,https://securityvulnerability.io/vulnerability/CVE-2024-2989,Stack-based Buffer Overflow in Tenda FH1203 Router,"A stack-based buffer overflow vulnerability exists in the Tenda FH1203 router, specifically within the fromNatStaticSetting function of the /goform/NatStaticSetting file. This flaw allows an attacker to manipulate the argument page, potentially leading to remote code execution. The vulnerability has been publicly disclosed, and the absence of a response from the vendor raises concerns regarding the security of users relying on this device. Immediate action is recommended to mitigate potential risks.",Tenda,Fh1203 Firmware,8.8,HIGH,0.009340000338852406,false,,false,false,false,,,false,false,,2024-03-27T18:15:00.000Z,0
CVE-2023-38940,https://securityvulnerability.io/vulnerability/CVE-2023-38940,Stack Overflow Vulnerability in Tenda Network Devices,"A stack overflow vulnerability has been identified in Tenda F1203, FH1203, and FH1205 devices, specifically in the form_fast_setting_wifi_set function. Exploiting this issue via the `ssid` parameter can lead to unexpected behavior and potential unauthorized access, emphasizing the need for timely security updates and mitigation strategies for affected users.",Tenda,Fh1203 Firmware,9.8,CRITICAL,0.001970000099390745,false,,false,false,false,,,false,false,,2023-08-07T00:00:00.000Z,0
CVE-2023-38934,https://securityvulnerability.io/vulnerability/CVE-2023-38934,Stack Overflow Vulnerability in Tenda Networking Devices,"An issue has been identified in Tenda F1203, FH1203, and FH1205 devices where a stack overflow occurs via the deviceId parameter in the formSetDeviceName function. This vulnerability can potentially allow an attacker to exploit the affected devices, impacting their ability to manage and configure device names securely. Users of these devices should be cautious and look for firmware updates or patches from the vendor.",Tenda,Fh1203 Firmware,9.8,CRITICAL,0.001970000099390745,false,,false,false,false,,,false,false,,2023-08-07T00:00:00.000Z,0
CVE-2023-37707,https://securityvulnerability.io/vulnerability/CVE-2023-37707,Stack Overflow Vulnerability in Tenda FH1203 Firmware,"The Tenda FH1203 V2.0.1.6 firmware has been identified to contain a stack overflow issue caused by improper handling of the page parameter in the fromVirtualSer function. This vulnerability can potentially allow unauthorized access to affected devices, compromising their security and functionality. It is crucial for users and administrators to take necessary precautions and apply updates to safeguard their networks.",Tenda,Fh1203 Firmware,9.8,CRITICAL,0.0021699999924749136,false,,false,false,false,,,false,false,,2023-07-10T00:00:00.000Z,0
CVE-2023-37703,https://securityvulnerability.io/vulnerability/CVE-2023-37703,Stack Overflow Vulnerability in Tenda FH1203 Router,"The Tenda FH1203 router, specifically version V2.0.1.6, is susceptible to a stack overflow vulnerability found in the formSetSpeedWan function. By manipulating the speed_dir parameter, an attacker could exploit this flaw, potentially leading to unauthorized access or denial of service. This highlights the critical need for users to ensure their devices are updated with the latest security patches to mitigate risks associated with IoT vulnerabilities.",Tenda,Fh1203 Firmware,9.8,CRITICAL,0.0021699999924749136,false,,false,false,false,,,false,false,,2023-07-10T00:00:00.000Z,0
CVE-2023-37701,https://securityvulnerability.io/vulnerability/CVE-2023-37701,Stack Overflow Vulnerability in Tenda FH1203 Router by Tenda,"The Tenda FH1203 router, specifically version V2.0.1.6, is susceptible to a stack overflow vulnerability due to improper handling of the deviceId parameter in the addWifiMacFilter function. This flaw could potentially allow an attacker to execute arbitrary code on the affected device, posing significant risks to device integrity and network security.",Tenda,Fh1203 Firmware,9.8,CRITICAL,0.0021699999924749136,false,,false,false,false,,,false,false,,2023-07-10T00:00:00.000Z,0
CVE-2023-37702,https://securityvulnerability.io/vulnerability/CVE-2023-37702,Stack Overflow Vulnerability in Tenda FH1203 by Tenda,"The Tenda FH1203 V2.0.1.6 is susceptible to a stack overflow vulnerability caused by improper handling of the deviceId parameter in the formSetDeviceName function, which can lead to unexpected behavior and potential exploitation. This flaw highlights the importance of secure coding practices, particularly in Internet of Things (IoT) devices where direct access to critical system components could compromise overall device integrity.",Tenda,Fh1203 Firmware,9.8,CRITICAL,0.0021699999924749136,false,,false,false,false,,,false,false,,2023-07-10T00:00:00.000Z,0
CVE-2023-37704,https://securityvulnerability.io/vulnerability/CVE-2023-37704,Stack Overflow Vulnerability in Tenda FH1203 Router,"A stack overflow vulnerability has been identified in the Tenda FH1203 V2.0.1.6 router. This security flaw occurs in the formSetClientState function, specifically tied to the deviceId parameter. By exploiting this vulnerability, attackers can potentially cause the device to execute unintended operations, jeopardizing the integrity and confidentiality of the network. It’s crucial for users of the Tenda FH1203 to be aware of this issue and take necessary precautions.",Tenda,Fh1203 Firmware,9.8,CRITICAL,0.0021699999924749136,false,,false,false,false,,,false,false,,2023-07-10T00:00:00.000Z,0
CVE-2023-37705,https://securityvulnerability.io/vulnerability/CVE-2023-37705,Stack Overflow Vulnerability in Tenda FH1203 from Tenda,"The Tenda FH1203 V2.0.1.6 has a vulnerability that stems from a stack overflow in the fromAddressNat function, triggered by an improper handling of the page parameter. This flaw can potentially allow remote attackers to execute arbitrary code, highlighting significant risks associated with unsecured IoT devices.",Tenda,Fh1203 Firmware,9.8,CRITICAL,0.0021699999924749136,false,,false,false,false,,,false,false,,2023-07-10T00:00:00.000Z,0
CVE-2023-37706,https://securityvulnerability.io/vulnerability/CVE-2023-37706,Stack Overflow Vulnerability in Tenda FH1203 Router,"The Tenda FH1203 router version V2.0.1.6 has been identified with a stack overflow vulnerability originating from improper handling of the 'entrys' parameter in the 'fromAddressNat' function. This flaw may allow attackers to exploit the system by injecting malicious input, leading to unauthorized access or service disruption.",Tenda,Fh1203 Firmware,9.8,CRITICAL,0.002420000033453107,false,,false,false,false,,,false,false,,2023-07-10T00:00:00.000Z,0
CVE-2023-37700,https://securityvulnerability.io/vulnerability/CVE-2023-37700,Stack Overflow Vulnerability in Tenda FH1203 Product,"A stack overflow vulnerability exists in the Tenda FH1203, specifically within the ssid parameter of the form_fast_setting_wifi_set function. This flaw could allow attackers to exploit the device, potentially leading to unauthorized access or disruption of the Wi-Fi settings. Users should secure their devices by updating to patched versions and ensuring proper configurations are in place.",Tenda,Fh1203 Firmware,9.8,CRITICAL,0.0021699999924749136,false,,false,false,false,,,false,false,,2023-07-10T00:00:00.000Z,0