Skip to main content

Tenda CVE-2026-5683

| EUVD-2026-19512 LOW
Stack-based Buffer Overflow (CWE-121)
2026-04-06 VulDB GHSA-r6ph-fxqg-vg33
Buffer Overflow Stack Overflow Tenda
2.0
CVSS 4.0

CVSS VectorNVD

CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Adjacent
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
X

Lifecycle Timeline

6
Severity Changed
Apr 29, 2026 - 01:11 NVD
MEDIUM LOW
CVSS changed
Apr 29, 2026 - 01:11 NVD
5.1 (MEDIUM) 2.0 (LOW)
PoC Detected
Apr 07, 2026 - 13:20 vuln.today
Public exploit code
EUVD ID Assigned
Apr 06, 2026 - 21:00 euvd
EUVD-2026-19512
Analysis Generated
Apr 06, 2026 - 21:00 vuln.today
CVE Published
Apr 06, 2026 - 20:30 nvd
MEDIUM 5.1

DescriptionNVD

A vulnerability was found in Tenda CX12L 16.03.53.12. Affected by this vulnerability is the function fromP2pListFilter of the file /goform/P2pListFilter. Performing a manipulation of the argument page results in stack-based buffer overflow. The attack must originate from the local network. The exploit has been made public and could be used.

AnalysisAI

Stack-based buffer overflow in Tenda CX12L firmware version 16.03.53.12 allows authenticated local network attackers to cause memory corruption via manipulation of the page parameter in the P2pListFilter function. The vulnerability requires local network access and authenticated privileges but carries publicly available exploit code, elevating practical risk despite the moderate CVSS score of 5.1.

Sign in for full analysis, threat intelligence, and remediation guidance.

Full analysis requires sign-in

Get intelligence summaries, risk assessment, exploit details, threat intel, and remediation guidance.

Sign in - Free

Share

CVE-2026-5683 vulnerability details – vuln.today
Back

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy