CVE-2026-11524
HighCVSS 8.8Summary
A vulnerability has been found in Tenda W20E version 15.11.0.6, affecting the modifyWifiFilterRules function in the /goform/modifyWifiFilterRules file of the Web Management Interface. Manipulation of the wifiFilterListRemark argument leads to stack-based buffer overflow.
Risk Assessment
An attacker may remotely exploit this vulnerability, posing a serious threat to the security of the device and the network it is installed in.
Recommendation
It is recommended to update the device firmware to the latest version to mitigate this vulnerability and to restrict access to the management interface.
Original NVD description (English source)
A vulnerability has been found in Tenda W20E 15.11.0.6. Impacted is the function modifyWifiFilterRules of the file /goform/modifyWifiFilterRules of the component Web Management Interface. The manipulation of the argument wifiFilterListRemark leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

