Description

Tenda F1202 V1.0BR_V1.2.0.20(408), FH1202_V1.2.0.19_EN were discovered to contain a stack overflow in the page parameter in the function fromqossetting.

Related CPE's

o

tenda

f1202_firmware

2

h

tenda

f1202

2

o

tenda

fh1202_firmware

1.2.0.19_en

Vulnerable

h

tenda

fh1202

-

o

tenda

4g300_firmware

-

Vulnerable

h

tenda

4g300

-

o

tenda

pw201a_firmware

-

Vulnerable

h

tenda

pw201a

-

o

tenda

pa202_firmware

-

Vulnerable

h

tenda

pa202

-

References

https://github.com/FirmRec/IoT-Vulns/blob/main/tenda/fromqossetting/report.md

ExploitThird Party Advisory

Weaknesses

[email protected]

Primary
CWE-787

CVSS impact metrics

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.8 · Critical

  • CVSS V3.1

  • CVSS V3.0

  • CVSS V2.0

Information

Source identifier

[email protected]

Vulnerability status

Analyzed

Published

2023-07-14T00:15:09.707

1 year ago

Last modified

2023-07-21T14:26:54.460

1 year ago