CVE Catalog

CVE-2026-9428

High
Published: Translated: NVD NIST

Summary

A vulnerability has been found in Tenda F1202 version 1.2.0.20(408), affecting the function fromPPTPUserSetting in the file /goform/PPTPUserSetting. Manipulation of the argument delno leads to stack-based buffer overflow.

Risk Assessment

An attacker may exploit this vulnerability remotely, potentially leading to unauthorized access or control over the device.

Recommendation

It is recommended to update the device firmware to the latest version to mitigate this vulnerability and to monitor logs for potential attack attempts.

Original NVD description (English source)

A vulnerability has been found in Tenda F1202 1.2.0.20(408). Affected is the function fromPPTPUserSetting of the file /goform/PPTPUserSetting. Such manipulation of the argument delno leads to stack-based buffer overflow. The attack may be performed from remote. The exploit has been disclosed to the public and may be used.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS