Description
An issue was discovered in Tenda W20E V4.0br_V15.11.0.6. Failure to validate `pPortMapIndex` may lead to buffer overflows when using `strcpy`.
Scores
CVSS v3
9.8
EPSS
0.0003
EPSS Percentile
7.8%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CISA SSVC
Vulnrichment
Exploitation
poc
Automatable
yes
Technical Impact
partial
Details
CWE
CWE-120
Status
published
Products (1)
tenda/w20e_firmware
15.11.0.6
Published
Mar 02, 2026
Tracked Since
Mar 02, 2026