Stack-Based Buffer Overflow in Tenda JD12L Router
CVE-2026-13518
Key Information:
Badges
What is CVE-2026-13518?
A vulnerability has been identified in the Tenda JD12L router, specifically in the function fromAddressNat located in the /goform/addressNat file. An attacker can manipulate the 'page' argument, resulting in a stack-based buffer overflow condition. This vulnerability allows for potential remote exploitation, raising serious security concerns. It is crucial for users to remain vigilant and implement necessary security measures, as the exploit details have already been made public and may be actively used by malicious actors.
Affected Version(s)
JD12L 16.03.53.23
Exploit Proof of Concept (PoC)
PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.
References
CVSS V4
Timeline
- ๐ก
Public PoC available
- ๐พ
Exploit known to exist
Vulnerability published
Vulnerability Reserved