ID
VAR-202403-3270
CVE
CVE-2024-30625
TITLE
Shenzhen Tenda Technology Co.,Ltd. of fh1205 Stack-based buffer overflow vulnerability in firmware
Trust: 0.8
DESCRIPTION
Tenda FH1205 v2.0.0.7(775) has a stack overflow vulnerability in the entrys parameter from fromAddressNat function. Shenzhen Tenda Technology Co.,Ltd. of fh1205 A stack-based buffer overflow vulnerability exists in the firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. This vulnerability stems from the failure of the entries parameter of the fromAddressNat method to properly validate the length of input data. An attacker could exploit this vulnerability to execute arbitrary code on the system
Trust: 2.16
IOT TAXONOMY
| category: | ['Network device'] | sub_category: | - | Trust: 0.6 |
AFFECTED PRODUCTS
| vendor: | tenda | model: | fh1205 | scope: | eq | version: | 2.0.0.7\(775\) | Trust: 1.0 |
| vendor: | tenda | model: | fh1205 | scope: | eq | version: | - | Trust: 0.8 |
| vendor: | tenda | model: | fh1205 | scope: | - | version: | - | Trust: 0.8 |
| vendor: | tenda | model: | fh1205 | scope: | eq | version: | fh1205 firmware 2.0.0.7(775) | Trust: 0.8 |
| vendor: | tenda | model: | fh1205 | scope: | eq | version: | v2.0.0.7(775) | Trust: 0.6 |
CVSS
SEVERITY | CVSSV2 | CVSSV3 | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|
|
PROBLEMTYPE DATA
| problemtype: | CWE-121 | Trust: 1.0 |
| problemtype: | Stack-based buffer overflow (CWE-121) [ others ] | Trust: 0.8 |
PATCH
| title: | Patch for Tenda FH1205 Stack Buffer Overflow Vulnerability | url: | https://www.cnvd.org.cn/patchInfo/show/732691 | Trust: 0.6 |
EXTERNAL IDS
| db: | NVD | id: | CVE-2024-30625 | Trust: 3.2 |
| db: | JVNDB | id: | JVNDB-2024-020509 | Trust: 0.8 |
| db: | CNVD | id: | CNVD-2025-21463 | Trust: 0.6 |
REFERENCES
| url: | https://nvd.nist.gov/vuln/detail/cve-2024-30625 | Trust: 1.4 |
| url: | https://github.com/abcdefg-png/iot-vulnerable/blob/main/tenda/fh/fh1205/fromaddressnat_entrys.md | Trust: 1.0 |
SOURCES
| db: | CNVD | id: | CNVD-2025-21463 |
| db: | JVNDB | id: | JVNDB-2024-020509 |
| db: | NVD | id: | CVE-2024-30625 |
LAST UPDATE DATE
2025-09-19T23:08:55.490000+00:00
SOURCES UPDATE DATE
| db: | CNVD | id: | CNVD-2025-21463 | date: | 2025-09-17T00:00:00 |
| db: | JVNDB | id: | JVNDB-2024-020509 | date: | 2025-03-17T03:16:00 |
| db: | NVD | id: | CVE-2024-30625 | date: | 2025-03-13T21:22:18.877 |
SOURCES RELEASE DATE
| db: | CNVD | id: | CNVD-2025-21463 | date: | 2025-09-17T00:00:00 |
| db: | JVNDB | id: | JVNDB-2024-020509 | date: | 2025-03-17T00:00:00 |
| db: | NVD | id: | CVE-2024-30625 | date: | 2024-03-29T13:15:16.033 |