A vulnerability was found in Tenda FH1202 1.2.0.14. It has been classified as critical. Affected is the function fromVirtualSer of the file /goform/VirtualSer. The manipulation of the argument page leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
References
Link | Resource |
---|---|
https://lavender-bicycle-a5a.notion.site/Tenda-FH1202-fromVirtualSer-20b53a41781f80b7a6c7e727f93d7d9f?source=copy_link | Exploit Third Party Advisory |
https://vuldb.com/?ctiid.311856 | Permissions Required VDB Entry |
https://vuldb.com/?id.311856 | Third Party Advisory VDB Entry |
https://vuldb.com/?submit.592462 | Third Party Advisory VDB Entry |
https://www.tenda.com.cn/ | Product |
https://lavender-bicycle-a5a.notion.site/Tenda-FH1202-fromVirtualSer-20b53a41781f80b7a6c7e727f93d7d9f | Exploit Third Party Advisory |
Configurations
Configuration 1 (hide)
AND |
|
History
20 Jun 2025, 14:47
Type | Values Removed | Values Added |
---|---|---|
First Time |
Tenda fh1202
Tenda fh1202 Firmware Tenda |
|
References | () https://lavender-bicycle-a5a.notion.site/Tenda-FH1202-fromVirtualSer-20b53a41781f80b7a6c7e727f93d7d9f?source=copy_link - Exploit, Third Party Advisory | |
References | () https://vuldb.com/?ctiid.311856 - Permissions Required, VDB Entry | |
References | () https://vuldb.com/?id.311856 - Third Party Advisory, VDB Entry | |
References | () https://vuldb.com/?submit.592462 - Third Party Advisory, VDB Entry | |
References | () https://www.tenda.com.cn/ - Product | |
References | () https://lavender-bicycle-a5a.notion.site/Tenda-FH1202-fromVirtualSer-20b53a41781f80b7a6c7e727f93d7d9f - Exploit, Third Party Advisory | |
CPE | cpe:2.3:h:tenda:fh1202:-:*:*:*:*:*:*:* cpe:2.3:o:tenda:fh1202_firmware:1.2.0.14\(408\):*:*:*:*:*:*:* |
|
CWE | CWE-787 |
11 Jun 2025, 14:15
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
|
References |
|
10 Jun 2025, 21:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2025-06-10 21:15
Updated : 2025-06-20 14:47
NVD link : CVE-2025-5978
Mitre link : CVE-2025-5978
CVE.ORG link : CVE-2025-5978
JSON object : View
Products Affected
tenda
- fh1202
- fh1202_firmware