CVE-2024-12002: Tenda FH451/FH1201/FH1202/FH1206 GetIPTV websReadEvent null pointer dereference

First published: Sat Nov 30 2024(Updated: )

A vulnerability classified as problematic was found in Tenda FH451, FH1201, FH1202 and FH1206 up to 20241129. Affected by this vulnerability is the function websReadEvent of the file /goform/GetIPTV. The manipulation of the argument Content-Length leads to null pointer dereference. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.

Credit: cna@vuldb.com

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

• agent/title
• agent/weakness
• agent/references
• agent/first-publish-date
• agent/description
• agent/type
• agent/author
• agent/event
• collector/mitre-cve
• source/MITRE
• collector/nvd-api
• source/NVD
• agent/software-canonical-lookup
• agent/severity
• agent/last-modified-date
• agent/softwarecombine
• agent/tags
• vendor/tenda
• canonical/tenda fh451 firmware
• version/tenda fh451 firmware/1.0.0.5
• version/tenda fh451 firmware/1.0.0.7
• version/tenda fh451 firmware/1.0.0.9
• canonical/tenda fh451
• canonical/tenda fh1201 firmware
• version/tenda fh1201 firmware/1.2.0.8\(8155\)
• version/tenda fh1201 firmware/1.2.0.14\(408\)_en
• canonical/tenda fh1201
• canonical/tenda fh1202 firmware
• version/tenda fh1202 firmware/1.2.0.9
• version/tenda fh1202 firmware/1.2.0.14\(408\)
• version/tenda fh1202 firmware/1.2.0.14\(408\)_en
• canonical/tenda fh1202
• canonical/tenda fh1206 firmware
• version/tenda fh1206 firmware/1.2.0.8\(8155\)
• canonical/tenda fh1206