CVE-2026-2202
Analyzed Analyzed - Analysis Complete
Remote Buffer Overflow in Tenda AC8 httpd Component

Publication date: 2026-02-09

Last updated on: 2026-02-10

Assigner: VulDB

Description
A vulnerability was detected in Tenda AC8 16.03.33.05. Affected is the function fromSetWifiGusetBasic of the file /goform/WifiGuestSet of the component httpd. The manipulation of the argument shareSpeed results in buffer overflow. The attack may be launched remotely. The exploit is now public and may be used.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-02-09
Last Modified
2026-02-10
Generated
2026-06-16
AI Q&A
2026-02-09
EPSS Evaluated
2026-06-14
NVD
CVE-2026-2202
EUVD
EUVD-2026-6896
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
tenda ac8_firmware 16.03.33.05
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-119 The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.
CWE-120 The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Compliance Impact

I don't know

Executive Summary

[{'type': 'paragraph', 'content': 'CVE-2026-2202 is a buffer overflow vulnerability found in the Tenda AC8 router running firmware version 16.03.33.05. It exists in the WifiGuestSet interface of the embedded httpd service, specifically in the handling of the user-supplied parameter "shareSpeed." The vulnerability occurs because the input for this parameter is not properly validated for length before being copied to an output buffer.'}, {'type': 'paragraph', 'content': 'An attacker can exploit this flaw by sending a specially crafted HTTP request with an excessively long value for the "shareSpeed" parameter, which triggers the buffer overflow.'}, {'type': 'paragraph', 'content': 'This vulnerability can be exploited remotely without requiring local access or physical interaction.'}] [1, 2]

Impact Analysis

Exploitation of this vulnerability can lead to a denial-of-service (DoS) condition on the affected device by causing the buffer overflow.

Additionally, the vulnerability potentially allows attackers to compromise the confidentiality, integrity, and availability of the device.

Since the attack can be launched remotely, it increases the risk of unauthorized access or disruption without physical presence.

Detection Guidance

[{'type': 'paragraph', 'content': 'This vulnerability can be detected by monitoring HTTP requests sent to the /goform/WifiGuestSet endpoint on the Tenda AC8 router, specifically looking for unusually long or malformed values in the shareSpeed parameter.'}, {'type': 'paragraph', 'content': 'Since the exploit involves sending a specially crafted HTTP request with an excessively long shareSpeed value, detection can be done by capturing and analyzing network traffic for such suspicious requests.'}, {'type': 'paragraph', 'content': 'Commands to detect this might include using network packet capture tools like tcpdump or Wireshark to filter HTTP POST requests to /goform/WifiGuestSet and inspecting the shareSpeed parameter length.'}, {'type': 'list_item', 'content': "tcpdump -i <interface> -A 'tcp port 80 and (((ip[2:2] - ((ip[0]&0xf)<<2)) - ((tcp[12]&0xf0)>>2)) != 0)' | grep 'shareSpeed'"}, {'type': 'list_item', 'content': 'Use Wireshark to filter HTTP requests with the display filter: http.request.uri contains "/goform/WifiGuestSet" and inspect the shareSpeed parameter for abnormally long values.'}] [1, 2]

Mitigation Strategies

Immediate mitigation steps include restricting access to the vulnerable endpoint by limiting network exposure of the Tenda AC8 router, such as disabling remote management or firewalling access to the device.

Since no known mitigations or patches are currently available, it is recommended to replace the affected product with an alternative device that is not vulnerable.

Additionally, monitoring for exploit attempts and applying network-level protections such as intrusion detection/prevention systems (IDS/IPS) to block suspicious HTTP requests targeting the shareSpeed parameter can help reduce risk.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-2202. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart