PT-2026-24916 · Tenda · W3+1

Svigo_O

Publicado

2026-03-12

Atualizado

2026-03-12

CVE-2026-3976

CVSS v2.0

9.0

Alta

Vetor

AV:N/AC:L/Au:S/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Tenda W3 version 1.0.0.3(2204)

Description A weakness exists in the Tenda W3 version 1.0.0.3(2204). The formWifiMacFilterSet function within the /goform/WifiMacFilterSet file of the POST Parameter Handler component is affected. Manipulating the index/GO argument can lead to a stack-based buffer overflow. The attack can be launched remotely. The exploit has been made publicly available and could be used for attacks.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Stack Overflow

Buffer Overflow

Memory Corruption

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-121CWE-119CWE-787

Identificadores relacionados

CVE-2026-3976

Produtos afetados

W3 Firmware

PT-2026-24916 · Tenda · W3+1

CVE-2026-3976

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 12