| Title | Tenda FH1201 V1.0BR_V1.2.0.14 Buffer Overflow |
|---|
| Description | The Tenda FH1201 V1.0BR_V1.2.0.14 firmware has a buffer overflow vulnerability in the fromSafeUrlFilter function. The v11 variable receives the page parameter from a POST request and is later passed to the sprintf function. However, since the Since user can control the input of page, the statement sprintf(v16, "firewall_urlfilterlist.asp?page=%s", v11); can cause a buffer overflow. |
|---|
| Source | ⚠️ https://candle-throne-f75.notion.site/Tenda-FH1201-fromSafeUrlFilter-229df0aa118580ceb3e4f54d22814c40 |
|---|
| User | ysnysn0121 (UID 86198) |
|---|
| Submission | 07/07/2025 09:06 (11 months ago) |
|---|
| Moderation | 07/11/2025 13:58 (4 days later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 316120 [Tenda FH1201 1.2.0.14 HTTP POST Request fromSafeUrlFilter page buffer overflow] |
|---|
| Points | 17 |
|---|