CVE-2026-3972

HIGH
2026-03-12 [email protected]
8.7
CVSS 4.0
Share

CVSS Vector

CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Adjacent
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
X

Lifecycle Timeline

2
Analysis Generated
Mar 12, 2026 - 19:57 vuln.today
CVE Published
Mar 12, 2026 - 02:15 nvd
HIGH 8.7

Tags

Buffer Overflow Tenda

Description

A vulnerability was found in Tenda W3 1.0.0.3(2204). Affected by this issue is the function formSetCfm of the file /goform/setcfm of the component HTTP Handler. The manipulation of the argument funcpara1 results in stack-based buffer overflow. The attack can only be performed from the local network. The exploit has been made public and could be used.

Analysis

Stack-based buffer overflow in Tenda W3 1.0.0.3(2204) HTTP handler allows unauthenticated local network attackers to achieve arbitrary code execution by crafting malicious input to the funcpara1 parameter. Public exploit code exists for this vulnerability, increasing the risk of active exploitation on vulnerable networks. …

Sign in for full analysis, threat intelligence, and remediation guidance.

Remediation

Within 24 hours: Inventory all Tenda W3 1.0.0.3(2204) devices in production and isolate them from critical network segments if possible. Within 7 days: Contact Tenda for patch availability or device replacement options; implement network access controls restricting HTTP handler endpoints. …

Sign in for detailed remediation steps.

Full analysis requires sign-in

Get intelligence summaries, risk assessment, exploit details, threat intel, and remediation guidance.

Sign in - Free

Priority Score

44
Low Medium High Critical
KEV: 0
EPSS: +0.0
CVSS: +44
POC: 0

Share

CVE-2026-3972 vulnerability details – vuln.today
Back

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy