CVE-2026-24111
Received Received - Intake
Buffer Overflow in Tenda W20E addAuthUser Function

Publication date: 2026-03-02

Last updated on: 2026-03-05

Assigner: MITRE

Description
An issue was discovered in Tenda W20E V4.0br_V15.11.0.6. Attackers may exploit the vulnerability by specifying the value of `userInfo`. When `userInfo` is passed into the `addAuthUser` function and processed by `sscanf` without size validation, it could lead to buffer overflow.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-03-02
Last Modified
2026-03-05
Generated
2026-06-16
AI Q&A
2026-03-02
EPSS Evaluated
2026-06-15
NVD
CVE-2026-24111
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
tenda w20e_firmware 15.11.0.6
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-120 The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability exists in the Tenda W20E device, specifically version 4.0br_V15.11.0.6. It occurs when an attacker specifies a value for the parameter `userInfo` that is passed into the `addAuthUser` function. The function processes this input using the `sscanf` function without validating the size of the input. This lack of size validation can lead to a buffer overflow condition.

Impact Analysis

The buffer overflow caused by this vulnerability can potentially allow attackers to execute arbitrary code or cause a denial of service on the affected device. This could lead to unauthorized access, disruption of network services, or compromise of the device's integrity.

Compliance Impact

I don't know

Detection Guidance

I don't know

Mitigation Strategies

I don't know

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-24111. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart