Skip to main content

Tenda BE12 Pro CVE-2026-15696

| EUVDEUVD-2026-43691 HIGH
Stack-based Buffer Overflow (CWE-121)
2026-07-14 VulDB GHSA-h9wr-9gfr-4wqp
7.4
CVSS 4.0 · Vendor: VulDB
Share

Severity by source

Vendor (VulDB) PRIMARY
7.4 HIGH
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
vuln.today AI
8.8 HIGH

Network-reachable web endpoint (AV:N, AC:L) requiring a valid low-privilege management session (PR:L, UI:N); stack overflow in root-run httpd yields full C/I/A impact.

3.1 AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
4.0 AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Primary rating from Vendor (VulDB).

CVSS VectorVendor: VulDB

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
X

Lifecycle Timeline

3
Analysis Generated
Jul 14, 2026 - 15:33 vuln.today
CVSS changed
Jul 14, 2026 - 15:22 NVD
8.7 (HIGH) 7.4 (HIGH)
CVE Published
Jul 14, 2026 - 14:45 cve.org
HIGH 7.4

DescriptionCVE.org

A vulnerability has been found in Tenda BE12 Pro 16.03.66.23. The impacted element is the function fromVirtualSer of the file /goform/VirtualSer. Such manipulation of the argument page leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.

AnalysisAI

Stack-based buffer overflow in the Tenda BE12 Pro router (firmware 16.03.66.23) allows remote attackers to corrupt memory via the fromVirtualSer handler for the /goform/VirtualSer endpoint by supplying an oversized 'page' argument. The flaw carries CVSS 4.0 7.4 and, per its vector, requires low-level privileges (PR:L); publicly available exploit code exists, though there is no public exploit identified as actively used in the wild (not in CISA KEV). …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Recon
Reach router web management interface
Delivery
Authenticate with low-privilege/default credentials
Exploit
Send crafted POST to /goform/VirtualSer with oversized 'page'
Install
Overflow fixed-size stack buffer in fromVirtualSer
C2
Overwrite saved return address
Execute
Execute code as root or crash httpd
Impact
Full device compromise or denial of service

Vulnerability AssessmentAI

Exploitation Exploitation targets the specific /goform/VirtualSer endpoint and its fromVirtualSer handler on Tenda BE12 Pro firmware 16.03.66.23, triggered by an overly long 'page' parameter. … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment Signals are mixed. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario An attacker who can reach the router's web management interface (e.g., an authenticated LAN user, a device with obtained/default admin credentials, or via an exposed panel) sends a crafted POST to /goform/VirtualSer with an oversized 'page' argument. The oversized value overflows a fixed-size stack buffer in fromVirtualSer, overwriting the return address to crash the httpd service (denial of service) or, with a tailored payload, execute attacker-controlled code as root. …
Remediation No vendor-released patch identified at time of analysis - Tenda had not published a fixed firmware version in the provided data, so monitor https://www.tenda.com.cn/ for a firmware update for the BE12 Pro superseding 16.03.66.23 and apply it once released. … Detailed patch versions, workarounds, and compensating controls in full report.

Recommended ActionAI

Within 24 hours: audit the network to identify all Tenda BE12 Pro routers with firmware 16.03.66.23 and implement firewall rules to block external access to the /goform/VirtualSer endpoint. …

Sign in for detailed remediation steps and compensating controls.

Threat intelligence, references, and detailed analysis are available after sign-in.

Share

CVE-2026-15696 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy