Security Vulnerabilities - CVEs Published In March 2024
An administrative user of WebReports may perform a Server Side Request Forgery (SSRF) exploit through SMTP configuration options.
CVSS Score
3.5
EPSS Score
0.002
Published
2024-03-28
An administrative user of WebReports may perform a Cross Site Scripting (XSS) and/or Man in the Middle (MITM) exploit through SAML configuration.
CVSS Score
2.0
EPSS Score
0.005
Published
2024-03-28
The console may experience a service interruption when processing file names with invalid characters.
CVSS Score
3.5
EPSS Score
0.002
Published
2024-03-28
Tenda FH1202 v1.2.0.14(408) has a stack overflow vulnerability in the security parameter of the formWifiBasicSet function.
CVSS Score
9.8
EPSS Score
0.003
Published
2024-03-28
Tenda FH1202 v1.2.0.14(408) has a stack overflow vulnerability in the deviceId parameter of the saveParentControlInfo function.
CVSS Score
6.5
EPSS Score
0.001
Published
2024-03-28
Tenda FH1202 v1.2.0.14(408) has a stack overflow vulnerability in the security_5g parameter of the formWifiBasicSet function.
CVSS Score
6.5
EPSS Score
0.001
Published
2024-03-28
Tenda FH1202 v1.2.0.14(408) has a stack overflow vulnerability in the urls parameter of the saveParentControlInfo function.
CVSS Score
9.8
EPSS Score
0.003
Published
2024-03-28
Tenda FH1202 v1.2.0.14(408) has a stack overflow vulnerability in the schedStartTime parameter of the setSchedWifi function.
CVSS Score
4.3
EPSS Score
0.002
Published
2024-03-28
Tenda FH1202 v1.2.0.14(408) firmware has a stack overflow vulnerability in the entrys parameter of the fromAddressNat function.
CVSS Score
9.8
EPSS Score
0.004
Published
2024-03-28
Tenda FH1202 v1.2.0.14(408) has a stack overflow vulnerability in the schedEndTime parameter of the setSchedWifi function.
CVSS Score
6.5
EPSS Score
0.001
Published
2024-03-28