CVE-2026-2140

CVSS v2.0

9.0

High

Vector

AV:N/AC:L/Au:S/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Tenda TX9 versions up to 22.03.02.10 multi

Description A flaw exists in the Tenda TX9 device, specifically within the sub 4223E0 function located in the /goform/setMacFilterCfg file. Manipulation of the deviceList argument can trigger a buffer overflow. This issue can be exploited remotely. The exploit is publicly available.

Recommendations Update to a version later than 22.03.02.10 multi.

Exploit

Fix

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-120CWE-119

Related Identifiers

BDU:2026-02488

CVE-2026-2140

Affected Products

Tenda Tx9

CVE-2026-2140

Weakness Enumeration

Related Identifiers

Affected Products

References · 15