CVE-2024-2994

The CVE-2024-2994 entry concerns Tenda FH1203 firmware 2.0.1.6, specifically the GetParentControlInfo function in /goform/GetParentControlInfo. The vulnerability stems from improper validation of the mac argument, causing a stack-based buffer overflow that can be triggered remotely. Public disclo...

CVE-2024-2994 Tenda FH1203 GetParentControlInfo stack-based overflow

A vulnerability was found in Tenda FH1203 2.0.1.6. It has been declared as critical. Affected by this vulnerability is the function GetParentControlInfo of the file /goform/GetParentControlInfo. The manipulation of the argument mac leads to stack-based buffer overflow. The attack can be launched...

CVE-2024-2993

CVE-2024-2993 pertains to Tenda FH1203 firmware (version 2.0.1.6). The vulnerability is in the function formQuickIndex of /goform/QuickIndex, where manipulation of the PPPOEPassword argument causes a stack-based buffer overflow. It is exploitable remotely, and public disclosures exist (VDB-258162...

CVE-2024-2992

A vulnerability was found in Tenda FH1203 2.0.1.6 and classified as critical. This issue affects the function formSetCfm of the file /goform/setcfm. The manipulation of the argument funcpara1 leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclose...

CVE-2024-2990

CVE-2024-2990 affects Tenda FH1203 2.0.1.6 . The vulnerability is in the function formexeCommand of the file /goform/execCommand where manipulation of the argument cmdinput causes a stack-based buffer overflow . It can be exploited remotely, and the exploit has been disclosed publicly. The connec...

CVE-2024-2986

A vulnerability was found in Tenda FH1202 1.2.0.14408. It has been rated as critical. This issue affects the function formSetSpeedWan of the file /goform/SetSpeedWan. The manipulation of the argument speeddir leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit...

CVE-2024-2985 Tenda FH1202 QuickIndex formQuickIndex stack-based overflow

A vulnerability was found in Tenda FH1202 1.2.0.14408. It has been declared as critical. This vulnerability affects the function formQuickIndex of the file /goform/QuickIndex. The manipulation of the argument PPPOEPassword leads to stack-based buffer overflow. The attack can be initiated remotely...

CVE-2024-2985

CVE-2024-2985 affects Tenda FH1202 on version 1.2.0.14(408). The vulnerability lies in the function formQuickIndex of /goform/QuickIndex, where manipulating the PPPOEPassword argument causes a stack-based buffer overflow. This enables remote initiation and, per sources, an exploit has been disclo...

CVE-2024-2983

A vulnerability was found in Tenda FH1202 1.2.0.14408 and classified as critical. Affected by this issue is the function formSetClientState of the file /goform/SetClientState. The manipulation of the argument deviceId/limitSpeed/limitSpeedUp leads to stack-based buffer overflow. The attack may be...

CVE-2024-2984 Tenda FH1202 setcfm formSetCfm stack-based overflow

A vulnerability was found in Tenda FH1202 1.2.0.14408. It has been classified as critical. This affects the function formSetCfm of the file /goform/setcfm. The manipulation of the argument funcpara1 leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit...

CVE-2024-2984 Tenda FH1202 setcfm formSetCfm stack-based overflow

A vulnerability was found in Tenda FH1202 1.2.0.14408. It has been classified as critical. This affects the function formSetCfm of the file /goform/setcfm. The manipulation of the argument funcpara1 leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit...

CVE-2024-2984

The CVE-2024-2984 issue affects Tenda FH1202 devices (version 1.2.0.14(408)). The root cause is a stack-based buffer overflow in the formSetCfm function (parameter funcpara1) of the /goform/setcfm endpoint, which can be triggered remotely. Public exploits are referenced in the records. Affected p...

CVE-2024-2977

A vulnerability was found in Tenda F1203 2.0.1.6. It has been rated as critical. Affected by this issue is the function formQuickIndex of the file /goform/QuickIndex. The manipulation of the argument PPPOEPassword leads to stack-based buffer overflow. The attack may be launched remotely. The...

CVE-2024-2979

A vulnerability classified as critical was found in Tenda F1203 2.0.1.6. This vulnerability affects the function setSchedWifi of the file /goform/openSchedWifi. The manipulation of the argument schedStartTime/schedEndTime leads to stack-based buffer overflow. The attack can be initiated remotely...

CVE-2024-2976

A vulnerability was found in Tenda F1203 2.0.1.6. It has been declared as critical. Affected by this vulnerability is the function R7WebsSecurityHandler of the file /goform/execCommand. The manipulation of the argument password leads to stack-based buffer overflow. The attack can be launched...

CVE-2024-2979

CVE-2024-2979 affects Tenda F1203 v2.0.1.6: the setSchedWifi function in /goform/openSchedWifi is vulnerable to a stack-based buffer overflow triggered by manipulating schedStartTime/schedEndTime. This enables remote attack with potential arbitrary code execution or crash/DoS; exploitation has be...

CVE-2024-2978 Tenda F1203 setcfm formSetCfm stack-based overflow

A vulnerability classified as critical has been found in Tenda F1203 2.0.1.6. This affects the function formSetCfm of the file /goform/setcfm. The manipulation of the argument funcpara1 leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been...

CVE-2024-2977 Tenda F1203 QuickIndex formQuickIndex stack-based overflow

A vulnerability was found in Tenda F1203 2.0.1.6. It has been rated as critical. Affected by this issue is the function formQuickIndex of the file /goform/QuickIndex. The manipulation of the argument PPPOEPassword leads to stack-based buffer overflow. The attack may be launched remotely. The...

Autodesk DWG TrueView DWG File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Autodesk DWG TrueView. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing ...

CVE-2024-25137 AutomationDirect C-MORE EA9 HMI Stack-based Buffer Overflow

In AutomationDirect C-MORE EA9 HMI there is a program that copies a buffer of a size controlled by the user into a limited sized buffer on the stack which may lead to a stack overflow. The result of this stack-based buffer overflow can lead to denial-of-service conditions...