CVE-2026-2871

Name of the Vulnerable Software and Affected Versions Tenda A21 version 1.0.0.0

Description A stack-based buffer overflow exists in the fromSetIpMacBind function within the /goform/SetIpMacBind API endpoint of the Tenda A21 router. Manipulation of the argument list to this function can trigger the overflow, allowing for remote code execution or a denial-of-service condition. The exploit for this issue has been publicly released.

Recommendations Versions prior to 1.0.0.0 are recommended. At the moment, there is no information about a newer version that contains a fix for this vulnerability.