CVE Catalog

CVE-2026-9430

High
Published: Translated: NVD NIST

Summary

A vulnerability was identified in Tenda F1202 version 1.2.0.20(408) affecting the function formGstDhcpSetSer in the file /goform/GstDhcpSetSerof. Manipulating the argument dips can lead to stack-based buffer overflow.

Risk Assessment

An attacker can remotely exploit this vulnerability, posing a serious threat to the security of the device and the network.

Recommendation

It is recommended to update the device firmware to the latest version to mitigate this vulnerability and to monitor logs for potential attack attempts.

Original NVD description (English source)

A vulnerability was determined in Tenda F1202 1.2.0.20(408). Affected by this issue is the function formGstDhcpSetSer of the file /goform/GstDhcpSetSerof. Executing a manipulation of the argument dips can lead to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been publicly disclosed and may be utilized.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS