CVE-2024-12002 Information

Description

A vulnerability classified as problematic was found in Tenda FH451 FH1201 FH1202 and FH1206 up to 20241129. Affected by this vulnerability is the function websReadEvent of the file /goform/GetIPTV. The manipulation of the argument Content-Length leads to null pointer dereference. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.

Reference

https://github.com/Kalvin2077/tenda-fh-cve https://vuldb.com/?ctiid.286417 https://vuldb.com/?id.286417 https://vuldb.com/?submit.453974 https://www.tenda.com.cn/