CVE Catalog

CVE-2026-11524

HighCVSS 8.8
Published: Updated: Translated: NVD NIST

Summary

A vulnerability has been found in Tenda W20E version 15.11.0.6, affecting the modifyWifiFilterRules function in the /goform/modifyWifiFilterRules file of the Web Management Interface. Manipulation of the wifiFilterListRemark argument leads to stack-based buffer overflow.

Risk Assessment

An attacker may remotely exploit this vulnerability, posing a serious threat to the security of the device and the network it is installed in.

Recommendation

It is recommended to update the device firmware to the latest version to mitigate this vulnerability and to restrict access to the management interface.

Original NVD description (English source)

A vulnerability has been found in Tenda W20E 15.11.0.6. Impacted is the function modifyWifiFilterRules of the file /goform/modifyWifiFilterRules of the component Web Management Interface. The manipulation of the argument wifiFilterListRemark leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS