Stack-Based Buffer Overflow in Tenda JD12L Router
CVE-2026-13517
Key Information:
Badges
What is CVE-2026-13517?
A critical vulnerability exists in the Tenda JD12L router where the function formWifiBasicSet, located in /goform/WifiBasicSet, is susceptible to a stack-based buffer overflow due to improper handling of the security_5g argument. This flaw allows attackers to execute a remote exploit, potentially compromising the device's integrity and security. Users are advised to patch their devices promptly to mitigate the risk associated with this vulnerability.
Affected Version(s)
JD12L 16.03.53.23
Exploit Proof of Concept (PoC)
PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.
References
CVSS V4
Timeline
- ๐ก
Public PoC available
- ๐พ
Exploit known to exist
Vulnerability published
Vulnerability Reserved