Tenda FH1202 AdvSetWan fromAdvSetWan stack-based overflow

July 13, 2025 invoker category_cve

CVE Details

Basic Information

Title Tenda FH1202 AdvSetWan fromAdvSetWan stack-based overflow
Type cve
Published 2025-07-13T10:32:07.306Z
Modified 2025-07-13T10:32:07.306Z

Product Information

Vendor Tenda
Product FH1202
Version 1.2.0.14(408)

CVSS Information

Base Score 8.7 (HIGH)
Attack Vector CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P

AI Analysis

AI Description A critical stack-based buffer overflow vulnerability in Tenda FH1202’s AdvSetWan function allows remote attackers to exploit the PPPOEPassword argument, leading to potential system compromise.
AI Severity Critical
AI Vendor Tenda
AI Product FH1202
AI Version 1.2.0.14(408)

Affected Products

  • Tenda FH1202 1.2.0.14(408)

Additional Information

CWE List CWE-121, CWE-119
Source VulDB

Description

A vulnerability was found in Tenda FH1202 1.2.0.14(408). It has been rated as critical. This issue affects the function fromAdvSetWan of the file /goform/AdvSetWan. The manipulation of the argument PPPOEPassword leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

💭 Join the Security Discussion

🔒 Your email address will not be published. Required fields are marked *

⚠️ Please be respectful and constructive in your comments. Security discussions should remain professional.