F1200 Firmware
CVE-2017-9139
LOW
Severity by source
AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
Lifecycle Timeline
1DescriptionCVE.org
There is a stack-based buffer overflow on some Tenda routers (FH1202/F1202/F1200: versions before 1.2.0.20). Crafted POST requests to an unspecified URL result in DoS, interrupting the HTTP service (used to login to the web UI of a router) for 1 to 2 seconds.
AnalysisAI
There is a stack-based buffer overflow on some Tenda routers (FH1202/F1202/F1200: versions before 1.2.0.20). Rated low severity (CVSS 3.5), this vulnerability is low attack complexity. No vendor patch available.
Technical ContextAI
This vulnerability is classified as Buffer Overflow (CWE-119), which allows attackers to corrupt memory to execute arbitrary code or crash the application. There is a stack-based buffer overflow on some Tenda routers (FH1202/F1202/F1200: versions before 1.2.0.20). Crafted POST requests to an unspecified URL result in DoS, interrupting the HTTP service (used to login to the web UI of a router) for 1 to 2 seconds. Affected products include: Tendacn F1200 Firmware, Tendacn Fh1202 Firmware, Tendacn F1202 Firmware. Version information: before 1.2.0.20.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Use memory-safe languages or bounds-checking. Enable ASLR, DEP/NX, stack canaries. Use safe string functions.
More in F1200 Firmware
View allSame weakness CWE-119 – Buffer Overflow
View allSame technique Buffer Overflow
View allShare
External POC / Exploit Code
Leaving vuln.today