CVE-2026-4007

CVSS v2.0

9.0

High

Vector

AV:N/AC:L/Au:S/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Tenda W3 version 1.0.0.3(2204)

Description A stack-based buffer overflow exists in the Tenda W3 version 1.0.0.3(2204). The issue is located in unknown code within the /goform/wifiSSIDget file of the POST Parameter Handler component. Manipulation of the index argument can trigger the buffer overflow, allowing for remote exploitation. The exploit is publicly available.

Recommendations Versions prior to 1.0.0.3(2204) are recommended.

Exploit

Fix

Stack Overflow

Memory Corruption

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-121CWE-787CWE-119

Related Identifiers

BDU:2026-04261

CVE-2026-4007

Affected Products

Tenda W3

CVE-2026-4007

Weakness Enumeration

Related Identifiers

Affected Products

References · 15