What is the CVSS score of CVE-2026-2185?

CVE-2026-2185 has a CVSS 3.1 base score of 8.8 (High). CVSS vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H. EPSS exploitation probability: 0.0%.

Which versions of Rx3 Firmware are affected by CVE-2026-2185?

Tenda RX3 routers contain a critical remote code execution vulnerability in the MAC filtering configuration endpoint that allows unauthenticated attackers to compromise network infrastructure.

Is there a public PoC exploit available for CVE-2026-2185?

Yes, a public proof-of-concept exploit is available for CVE-2026-2185. Prioritise patching immediately. EPSS: 0.0%.

How to fix or mitigate CVE-2026-2185?

Within 24 hours: Identify all Tenda RX3 devices running firmware 16.03.13.11 and isolate them from production networks or disable remote management access. Within 7 days: Implement network segmentation to restrict access to the affected endpoint (/goform/setBlackRule) and deploy WAF rules to block suspicious requests to this function. Within 30 days: Replace vulnerable Tenda RX3 units with patched alternatives from the vendor or transition to alternative network equipment; monitor Tenda's security advisories for patch availability.

Rx3 Firmware CVE-2026-2185

HIGH

Buffer Overflow (CWE-119)

2026-02-08 cna@vuldb.com

Buffer Overflow Stack Overflow Rx3 Firmware

8.8

CVSS 3.1 · NVD

Severity by source

NVD PRIMARY

8.8 HIGH

AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Attack Vector

Network

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Lifecycle Timeline

Analysis Generated

Mar 12, 2026 - 21:55 vuln.today

PoC Detected

Feb 10, 2026 - 14:54 vuln.today

Public exploit code

CVE Published

Feb 08, 2026 - 21:15 nvd

HIGH 8.8

DescriptionCVE.org

A flaw has been found in Tenda RX3 16.03.13.11. This issue affects the function set_device_name of the file /goform/setBlackRule of the component MAC Filtering Configuration Endpoint. This manipulation of the argument devName/mac causes stack-based buffer overflow. The attack is possible to be carried out remotely. The exploit has been published and may be used.

AnalysisAI

Stack-based buffer overflow in Tenda RX3 firmware 16.03.13.11 MAC filtering endpoint allows authenticated remote attackers to achieve code execution through crafted device name or MAC address parameters. Public exploit code exists for this vulnerability and no patch is currently available. …

Unlock full vulnerability intelligence

Risk assessment & exploitation conditions
Attack chain visualization
Remediation with exact patch versions
Threat intelligence from 22 sources
Personal watchlist & email alerts

Continue with Google Continue with GitHub

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access

Authenticate to Tenda RX3 web interface

Delivery

Send crafted POST to /goform/setBlackRule

Exploit

Inject oversized devName parameter

Execution

Overflow stack buffer

Impact

Execute arbitrary code

Access

Authenticate to Tenda RX3 web interface

Delivery

Send crafted POST to /goform/setBlackRule

Exploit

Inject oversized devName parameter

Execution

Overflow stack buffer

Impact

Execute arbitrary code

Vulnerability AssessmentAI

Exploitation	Tenda RX3 firmware version 16.03.13.11, MAC Filtering Configuration endpoint accessible, authenticated user account required (PR:L), default web interface listening on port 80/443 Additional conditions and limiting factors are described in the full assessment.
Risk Assessment	CVSS 8.8 (HIGH). … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario	A remote attacker could exploit this vulnerability to compromise the affected system.
Remediation	Monitor vendor advisories for a patch. … Detailed patch versions, workarounds, and compensating controls in full report.

Recommended ActionAI

Within 24 hours: Identify all Tenda RX3 devices running firmware 16.03.13.11 and isolate them from production networks or disable remote management access. …

Threat intelligence, references, and detailed analysis are available after sign-in.

CVE-2026-2185 vulnerability details – vuln.today

Back

Rx3 Firmware CVE-2026-2185

Severity by source

CVSS VectorNVD

Lifecycle Timeline

DescriptionCVE.org

AnalysisAI

Unlock full vulnerability intelligence

Attack ChainAIDerived

Vulnerability AssessmentAI

Recommended ActionAI

Share

External POC / Exploit Code