CVE-2026-10189
Stack-Based Buffer Overflow in Tenda W12 Router
Publication date: 2026-05-31
Last updated on: 2026-05-31
Assigner: VulDB
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| tenda | w12 | 3.0.0.7 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-119 | The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data. |
| CWE-121 | A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function). |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2026-10189 is a buffer overflow vulnerability found in the cgiSysTimeInfoSet function of the Tenda W12 device firmware version 3.0.0.7(4763). Specifically, the vulnerability arises from improper handling of the 'sec' argument, which leads to a stack-based buffer overflow.
This flaw can be exploited remotely by sending specially crafted input that exceeds the allocated buffer size, potentially allowing an attacker to execute arbitrary code or cause a denial of service on the affected device.
How can this vulnerability impact me? :
The vulnerability can have severe impacts including remote code execution and denial of service on the affected Tenda W12 device. An attacker exploiting this flaw could gain control over the device, disrupt its normal operation, or use it as a foothold to launch further attacks within a network.
- Remote code execution allowing full control of the device.
- Denial of service causing the device or service to crash or become unavailable.
- Potential compromise of network security if the device is part of a larger infrastructure.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability affects the cgiSysTimeInfoSet function in the /bin/httpd service of Tenda W12 devices. Detection can involve monitoring for unusual or specially crafted HTTP requests targeting the cgiSysTimeInfoSet endpoint, especially those manipulating the 'sec' argument to trigger a buffer overflow.
Since the vulnerability is triggered by sending crafted input to the web interface, you can use network inspection tools or command-line utilities to detect such attempts.
- Use curl or wget to send test requests to the vulnerable CGI endpoint and observe responses, for example: curl -v http://<device-ip>/cgiSysTimeInfoSet?sec=<malicious_payload>
- Use network packet capture tools like tcpdump or Wireshark to monitor HTTP traffic for suspicious requests targeting /cgiSysTimeInfoSet.
- Check device logs for crashes or unusual behavior related to the /bin/httpd process, which may indicate exploitation attempts.
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include restricting access to the vulnerable web interface to trusted networks only, such as by using firewall rules or network segmentation.
Avoid exposing the device's management interface to the internet or untrusted networks to reduce the risk of remote exploitation.
Monitor the device for signs of exploitation, such as crashes or unexpected behavior of the /bin/httpd process.
If available, apply any official patches or firmware updates from the vendor that address this vulnerability.
As a temporary measure, consider disabling the vulnerable CGI function or the web management interface if possible.