CVE-2026-9428
HighSummary
A vulnerability has been found in Tenda F1202 version 1.2.0.20(408), affecting the function fromPPTPUserSetting in the file /goform/PPTPUserSetting. Manipulation of the argument delno leads to stack-based buffer overflow.
Risk Assessment
An attacker may exploit this vulnerability remotely, potentially leading to unauthorized access or control over the device.
Recommendation
It is recommended to update the device firmware to the latest version to mitigate this vulnerability and to monitor logs for potential attack attempts.
Original NVD description (English source)
A vulnerability has been found in Tenda F1202 1.2.0.20(408). Affected is the function fromPPTPUserSetting of the file /goform/PPTPUserSetting. Such manipulation of the argument delno leads to stack-based buffer overflow. The attack may be performed from remote. The exploit has been disclosed to the public and may be used.

