CVE-2026-2139
HIGHCVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Lifecycle Timeline
3Description
A vulnerability was determined in Tenda TX9 up to 22.03.02.10_multi. Affected by this vulnerability is the function sub_432580 of the file /goform/fast_setting_wifi_set. This manipulation of the argument ssid causes buffer overflow. The attack may be initiated remotely. The exploit has been publicly disclosed and may be utilized.
Analysis
Buffer overflow in Tenda TX9 firmware versions up to 22.03.02.10_multi allows authenticated remote attackers to achieve full system compromise through a malicious SSID parameter in the WiFi configuration interface. Public exploit code is available for this vulnerability, and no patch has been released. …
Sign in for full analysis, threat intelligence, and remediation guidance.
Remediation
Within 24 hours: Identify all Tenda TX9 devices in your network and isolate affected units from critical systems; document inventory and affected firmware versions. Within 7 days: Disable the /goform/fast_setting_wifi_set function if technically feasible, implement network segmentation to limit router access, and establish monitoring for exploitation attempts. …
Sign in for detailed remediation steps.
Priority Score
Share
External POC / Exploit Code
Leaving vuln.today