A vulnerability classified as problematic was found in Tenda FH451, FH1201, FH1202 and FH1206 up to 20241129. Affected by this vulnerability is the function websReadEvent of the file /goform/GetIPTV. The manipulation of the argument Content-Length leads to null pointer dereference.

This vulnerability is known as CVE-2024-12002. The attack can be launched remotely. Furthermore, there is an exploit available.