| Title | Tenda FH1201 V1.0BR_V1.2.0.14 Buffer Overflow |
|---|
| Description | The Tenda FH1201 V1.0BR_V1.2.0.14 firmware has a buffer overflow vulnerability in the fromRouteStatic function. The v3 variable receives the page parameter from a POST request and is later passed to the sprintf function. However, since the Since user can control the input of page, the statemeant sprintf(v5, "routing_static.asp?page=%s", v3); can cause a buffer overflow. |
|---|
| Source | ⚠️ https://candle-throne-f75.notion.site/Tenda-FH1201-fromRouteStatic-229df0aa118580ba952bd3f16857b176 |
|---|
| User | ysnysnysn (UID 86177) |
|---|
| Submission | 07/07/2025 08:44 (11 months ago) |
|---|
| Moderation | 07/11/2025 13:55 (4 days later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 316117 [Tenda FH1201 1.2.0.14 HTTP POST Request /goform/fromRouteStatic page buffer overflow] |
|---|
| Points | 16 |
|---|