CVE Catalog

CVE-2026-9429

High
Published: Translated: NVD NIST

Summary

A vulnerability was found in the Tenda F1202 device version 1.2.0.20(408), affecting the function formWrlExtraSet in the file /goform/WrlExtraSet. Manipulating the argument delno results in a stack-based buffer overflow, allowing for remote attack initiation.

Risk Assessment

This vulnerability poses a risk of remote control takeover of the device, potentially leading to serious security implications for the network.

Recommendation

It is recommended to update the device firmware to the latest version to mitigate this vulnerability and to monitor network traffic for potential attack attempts.

Original NVD description (English source)

A vulnerability was found in Tenda F1202 1.2.0.20(408). Affected by this vulnerability is the function formWrlExtraSet of the file /goform/WrlExtraSet. Performing a manipulation of the argument delno results in stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been made public and could be used.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS