📦

fh1202

Vendor: tenda

Actively Exploited 0 CISA KEV List

PoC / Exploits 0 Code Available

Total RCEs 13 Remote Access

Total CVEs 86 Total Indexed

Avg. EPSS 0.46% Exploit Prob.

Latest CVE CVE-2026-7035 Apr 26

Security Vulnerability Index

Page 3 / 9

6.9 CVSS

CVE-2025-2992

A vulnerability classified as critical was found in Tenda FH1202 1.2.0.14(408). Affected by this vulnerability is an unknown functionality of the file /goform/AdvSetWrlsafeset of the component Web Management Interface. The manipulation leads to improper access controls. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.

EPSS: 0.30%

Severity: MEDIUM

Mar 31, 2025

6.9 CVSS

CVE-2025-2991

A vulnerability classified as critical has been found in Tenda FH1202 1.2.0.14(408). Affected is an unknown function of the file /goform/AdvSetWrlmacfilter of the component Web Management Interface. The manipulation leads to improper access controls. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

EPSS: 0.30%

Severity: MEDIUM

Mar 31, 2025

6.9 CVSS

CVE-2025-2990

A vulnerability was found in Tenda FH1202 1.2.0.14(408). It has been rated as critical. This issue affects some unknown processing of the file /goform/AdvSetWrlGstset of the component Web Management Interface. The manipulation leads to improper access controls. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

EPSS: 0.27%

Severity: MEDIUM

Mar 31, 2025

6.9 CVSS

CVE-2025-2989

A vulnerability was found in Tenda FH1202 1.2.0.14(408). It has been declared as critical. This vulnerability affects unknown code of the file /goform/AdvSetWrl of the component Web Management Interface. The manipulation leads to improper access controls. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.

EPSS: 0.27%

Severity: MEDIUM

Mar 31, 2025

5.3 CVSS

CVE-2024-12002

A vulnerability classified as problematic was found in Tenda FH451, FH1201, FH1202 and FH1206 up to 20241129. Affected by this vulnerability is the function websReadEvent of the file /goform/GetIPTV. The manipulation of the argument Content-Length leads to null pointer dereference. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.

EPSS: 0.12%

Severity: MEDIUM

Nov 30, 2024

4.7 CVSS

CVE-2024-32315

Tenda FH1202 v1.2.0.14(408) firmware has a stack overflow vulnerability via the adslPwd parameter in the formWanParameterSetting function.

EPSS: 0.12%

Severity: MEDIUM

Apr 17, 2024

6.3 CVSS

CVE-2024-32302

Tenda FH1202 v1.2.0.14(408) firmware has a stack overflow vulnerability via the PPW parameter in the fromWizardHandle function.

EPSS: 0.16%

Severity: MEDIUM

Apr 17, 2024

6.3 CVSS

CVE-2024-32282

RCE

Tenda FH1202 v1.2.0.14(408) firmware contains a command injection vulnerablility in the formexeCommand function via the cmdinput parameter.

EPSS: 0.45%

Severity: MEDIUM

Apr 17, 2024

8.0 CVSS

CVE-2024-30592

Tenda FH1202 v1.2.0.14(408) has a stack overflow vulnerability in the page parameter of the fromAddressNat function.

EPSS: 0.10%

Severity: HIGH

Mar 28, 2024

8.8 CVSS

CVE-2024-30591

Tenda FH1202 v1.2.0.14(408) has a stack overflow vulnerability in the time parameter of the saveParentControlInfo function.

EPSS: 0.12%

Severity: HIGH

Mar 28, 2024

Displaying 10 of 86 Total Entries

1 2 3 4 5 ... 9

Total 9 Sections