CVE-2017-9139

Name: CVE-2017-9139
Creator: NVD / NIST
Published: 2017-05-21T22:29:00.21+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

UnknownEPSS 0.37%

Last modified Jun 17, 2026

CVE-2017-9139 is a vulnerability of currently unknown severity. There is a stack-based buffer overflow on some Tenda routers (FH1202/F1202/F1200: versions before 1.2.0.20). Crafted POST requests to an unspecified URL result in DoS, interrupting the HTTP service (used to login to the web UI of a router) for 1 to 2 seconds.. EPSS estimates a 0.37% chance of exploitation in the next 30 days.

Description

There is a stack-based buffer overflow on some Tenda routers (FH1202/F1202/F1200: versions before 1.2.0.20). Crafted POST requests to an unspecified URL result in DoS, interrupting the HTTP service (used to login to the web UI of a router) for 1 to 2 seconds.

Metrics

EPSS Probability

0.37%

29.0th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

CWE-119

Affected Software

Vendor	Product	Versions
Tendacn	F1200 Firmware	<= 1.2.0.19
Tendacn	Fh1202 Firmware	<= 1.2.0.19
Tendacn	F1202 Firmware	<= 1.2.0.19

References

http://www.tendacn.com/en/2017.htmlVendor Advisory
http://www.tendacn.com/en/2017.htmlVendor Advisory

Timeline

Published: May 21, 2017
Last Modified: Jun 17, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2017-9139?

How severe is CVE-2017-9139?

Severity scoring for CVE-2017-9139 is pending analysis. The EPSS model estimates a 0.37% probability of exploitation in the next 30 days.

How do I fix CVE-2017-9139?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2017-9139?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST