Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
7.4
Tenda FH1202 Router: Remote Code Execution from Malicious Input
CVE-2026-3811
Summary
A security flaw exists in the Tenda FH1202 router's software, allowing an attacker to potentially execute malicious code on the device if they send a specially crafted input. This could lead to unauthorized access and control of the router. To mitigate this risk, update the router's software to the latest version.
What to do
No fix is available yet. Check with your software vendor for updates.
Affected software
| Vendor | Product | Affected versions | Fix available |
|---|---|---|---|
| tenda | fh1202_firmware | 1.2.0.14\(408\) | – |
Original title
A vulnerability was found in Tenda FH1202 1.2.0.14(408). This impacts the function fromP2pListFilter of the file /goform/P2pListFilter. The manipulation of the argument page results in stack-based ...
Original description
A vulnerability was found in Tenda FH1202 1.2.0.14(408). This impacts the function fromP2pListFilter of the file /goform/P2pListFilter. The manipulation of the argument page results in stack-based buffer overflow. The attack can be executed remotely. The exploit has been made public and could be used.
nvd CVSS2.0
9.0
nvd CVSS3.1
8.8
nvd CVSS4.0
7.4
Vulnerability type
CWE-119
Buffer Overflow
CWE-121
Stack-based Buffer Overflow
Published: 9 Mar 2026 · Updated: 13 Mar 2026 · First seen: 9 Mar 2026