What is the CVSS score of CVE-2026-3811?

CVE-2026-3811 has a CVSS 3.1 base score of 8.8 (High). CVSS vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H. EPSS exploitation probability: 0.1%.

Which versions of Fh1202 Firmware are affected by CVE-2026-3811?

A high-severity vulnerability in Tenda FH1202 wireless routers (version 1.2.0.14(408)) allows remote attackers to compromise affected devices with a publicly available exploit.

Is there a public PoC exploit available for CVE-2026-3811?

Yes, a public proof-of-concept exploit is available for CVE-2026-3811. Prioritise patching immediately. EPSS: 0.1%.

Fh1202 Firmware CVE-2026-3811

HIGH

Buffer Overflow (CWE-119)

2026-03-09 cna@vuldb.com

Buffer Overflow Stack Overflow Fh1202 Firmware

8.8

CVSS 3.1

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Attack Vector

Network

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Lifecycle Timeline

Analysis Generated

Mar 12, 2026 - 21:56 vuln.today

PoC Detected

Mar 09, 2026 - 15:26 vuln.today

Public exploit code

CVE Published

Mar 09, 2026 - 09:16 nvd

HIGH 8.8

DescriptionNVD

A vulnerability was found in Tenda FH1202 1.2.0.14(408). This impacts the function fromP2pListFilter of the file /goform/P2pListFilter. The manipulation of the argument page results in stack-based buffer overflow. The attack can be executed remotely. The exploit has been made public and could be used.

AnalysisAI

Stack-based buffer overflow in Tenda FH1202 firmware version 1.2.0.14(408) allows authenticated remote attackers to achieve complete system compromise through a malformed page parameter in the /goform/P2pListFilter endpoint. Public exploit code exists for this vulnerability, and no patch is currently available, leaving affected devices at immediate risk of code execution and data theft.

RemediationAI

Within 24 hours: Identify and inventory all Tenda FH1202 devices in your environment and their network criticality. Within 7 days: Isolate or segment affected routers from sensitive network resources; implement enhanced monitoring on these devices; contact Tenda for patch timeline and interim guidance. …

Analysis

Detailed AI-generated intelligence summary covering attack vector, impact assessment, affected versions, remediation steps, and indicators of compromise.

POChttps://••••••••••.com/exploit

PATCHhttps://••••••••••.com/patch

ADVISORYhttps://••••••••••.com/advisory

Full analysis requires sign-in

Get intelligence summaries, risk assessment, exploit details, threat intel, and remediation guidance.

CVE-2026-3811 vulnerability details – vuln.today

Back

Fh1202 Firmware CVE-2026-3811

CVSS VectorNVD

Lifecycle Timeline

DescriptionNVD

AnalysisAI

RemediationAI

Full analysis requires sign-in

Share

External POC / Exploit Code