PT-2026-6985 · Tenda · Tenda Ac8

Sunnyyaya

Published

2026-02-02

Updated

2026-02-09

CVE-2026-2202

CVSS v2.0

9.0

High

Vector

AV:N/AC:L/Au:S/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Tenda AC8 version 16.03.33.05

Description A buffer overflow issue exists in the fromSetWifiGusetBasic function within the /goform/WifiGuestSet file of the httpd component. The shareSpeed argument can be manipulated to trigger this issue, potentially allowing for remote attacks. The exploit for this issue is publicly available.

Recommendations Update to a newer version that contains a fix for this vulnerability. As a temporary workaround, consider restricting access to the fromSetWifiGusetBasic function until a patch is available.

Exploit

Fix

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-119CWE-120

Related Identifiers

BDU:2026-01495

CVE-2026-2202

Affected Products

Tenda Ac8

PT-2026-6985 · Tenda · Tenda Ac8

CVE-2026-2202

Weakness Enumeration

Related Identifiers

Affected Products

References · 14