Buffer Overflow Vulnerability in Tenda CX12L Wi-Fi Schedule Configuration
CVE-2026-11504
Key Information:
Badges
What is CVE-2026-11504?
A stack-based buffer overflow vulnerability has been found in the Tenda CX12L, specifically within the Wi-Fi Schedule Configuration Endpoint's setSchedWifi function. This flaw allows an attacker to manipulate the schedStartTime and schedEndTime arguments, potentially enabling remote exploitation. The details of this vulnerability are now publicly available, raising concerns for users to ensure their devices are secured against potential unauthorized access.
Affected Version(s)
CX12L 16.03.53.12
Exploit Proof of Concept (PoC)
PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.
References
CVSS V4
Timeline
- ๐ก
Public PoC available
- ๐พ
Exploit known to exist
Vulnerability published
Vulnerability Reserved