CVE-2026-24113
9.8
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
An issue was discovered in Tenda W20E V4.0br_V15.11.0.6. Attackers may exploit the vulnerability by controlling the value of nptr. When this value is passed into the getMibPrefix function and concatenated using sprintf without proper size validation, it could lead to a buffer overflow vulnerability.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: poc
- Automatable: yes
- Technical Impact: total
Additional References
References
- https://www.tenda.com.cn/material/show/2707
- https://github.com/akuma-QAQ/CVEreport/tree/main/D-link/CVE-2026-24113
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.