CVE-2026-5686

HIGH

Tenda CX12L RouteStatic fromRouteStatic stack-based overflow

Title source: cna

Description

A security flaw has been discovered in Tenda CX12L 16.03.53.12. This vulnerability affects the function fromRouteStatic of the file /goform/RouteStatic. The manipulation of the argument page results in stack-based buffer overflow. The attack can be launched remotely. The exploit has been released to the public and may be used for attacks.

References (5)

Scores

CVSS v3 8.8
EPSS 0.0002
EPSS Percentile 4.6%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-119 CWE-121
Status published
Products (1)
Tenda/CX12L 16.03.53.12
Published Apr 06, 2026
Tracked Since Apr 07, 2026