Tenda FH451

CPE Details

Tenda FH451
tenda
fh451
-
2024-12-13
13h47 +00:00
2024-12-13
13h47 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:h:tenda:fh451:-:*:*:*:*:*:*:*

Informations

Vendor

tenda

Product

fh451

Version

-

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2025-5080 2025-05-22 15h00 +00:00 A vulnerability classified as critical has been found in Tenda FH451 1.0.0.9. Affected is the function webExcptypemanFilter of the file /goform/webExcptypemanFilter. The manipulation of the argument page leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
8.7
High
CVE-2025-44176 2025-05-12 00h00 +00:00 Tenda FH451 V1.0.0.9 is vulnerable to Remote Code Execution in the formSafeEmailFilter function.
6.5
Medium
CVE-2025-45513 2025-05-09 00h00 +00:00 Tenda FH451 V1.0.0.9 has a stack overflow vulnerability in the function.P2pListFilter.
9.8
Critical
CVE-2025-45514 2025-05-07 00h00 +00:00 Tenda FH451 V1.0.0.9 has a stack overflow vulnerability in the function.frmL7ImForm.
6.5
Medium
CVE-2024-12002 2024-11-30 13h00 +00:00 A vulnerability classified as problematic was found in Tenda FH451, FH1201, FH1202 and FH1206 up to 20241129. Affected by this vulnerability is the function websReadEvent of the file /goform/GetIPTV. The manipulation of the argument Content-Length leads to null pointer dereference. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
5.3
Medium
CVE-2024-46046 2024-09-12 22h00 +00:00 Tenda FH451 v1.0.0.9 has a stack overflow vulnerability located in the RouteStatic function.
9.8
Critical
CVE-2024-46047 2024-09-12 22h00 +00:00 Tenda FH451 v1.0.0.9 has a stack overflow vulnerability in the fromDhcpListClient function.
7.5
High
CVE-2024-46048 2024-09-12 22h00 +00:00 Tenda FH451 v1.0.0.9 has a command injection vulnerability in the formexeCommand function i
9.8
Critical
The information presented on CVE Find originates from several carefully selected reference sources. CVE data is provided by MITRE Corporation and the National Vulnerability Database (NVD). The Known Exploited Vulnerabilities (KEV) catalog is sourced from the Cybersecurity and Infrastructure Security Agency (CISA), while EPSS scores come from FIRST.org. Additionally, data regarding software weaknesses (CWE) and common attack patterns (CAPEC) is maintained by MITRE Corporation, and information on hardware and software configurations (CPE) is provided by the NVD.