CVE-2026-13516
Received Received - Intake

Stack-Based Buffer Overflow in Tenda JD12L Router

Publication date: 2026-06-29

Last updated on: 2026-06-29

Assigner: VulDB

Description
A vulnerability was detected in Tenda JD12L 16.03.53.23. The affected element is the function fromSetWifiGusetBasic of the file /goform/WifiGuestSet. Performing a manipulation of the argument shareSpeed results in stack-based buffer overflow. The attack may be initiated remotely. The exploit is now public and may be used.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2026-06-29
Last Modified
2026-06-29
Generated
2026-06-29
AI Q&A
2026-06-29
EPSS Evaluated
N/A
NVD
CVE-2026-13516
EUVD
EUVD-2026-40013

Affected Vendors & Products

Showing 2 associated CPEs
Vendor Product Version / Range
tenda jd12l 16.03.53.23
tenda router_jd12l_pro 16.03.53.23

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-119 The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.
CWE-121 A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function).

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

CVE-2026-13516 is a critical buffer overflow vulnerability in the Tenda Router JD12L Pro firmware version 16.03.53.23. It exists in the function fromSetWifiGusetBasic within the /goform/WifiGuestSet endpoint. The vulnerability arises because the function uses the unsafe strcpy function to copy the "shareSpeed" parameter without proper bounds checking.

An attacker can send an oversized input for the "shareSpeed" parameter, which overwrites stack memory. This can cause application crashes, memory corruption, or allow arbitrary code execution. The attack can be performed remotely and does not require authentication.

Impact Analysis

This vulnerability can have severe impacts including denial of service by crashing the device, information leakage, or even full device takeover through arbitrary code execution.

  • Denial of Service (DoS) by causing application crashes.
  • Memory corruption leading to unpredictable device behavior.
  • Remote arbitrary code execution allowing an attacker to control the device.
  • No authentication is required, increasing the risk of exploitation.
Detection Guidance

This vulnerability can be detected by monitoring for suspicious POST requests to the `/goform/WifiGuestSet` endpoint containing an unusually large or malformed "shareSpeed" parameter. Such requests may indicate attempts to exploit the stack-based buffer overflow.

A practical detection method is to capture and analyze network traffic targeting the affected router, specifically looking for POST requests with oversized "shareSpeed" values.

Example command using curl to test the vulnerability by sending a large "shareSpeed" parameter:

  • curl -X POST http://[router_ip]/goform/WifiGuestSet -d "shareSpeed=$(python3 -c 'print("A"*1000)')"

Additionally, network intrusion detection systems (NIDS) can be configured to alert on POST requests to `/goform/WifiGuestSet` with unusually large payloads or unexpected parameter sizes.

Mitigation Strategies

Immediate mitigation steps include restricting access to the vulnerable endpoint by limiting network exposure, such as placing the device behind a firewall or disabling remote management if not needed.

Apply any available firmware updates or patches from the vendor that address this vulnerability.

If patching is not immediately possible, consider implementing network-level protections such as blocking or filtering POST requests to `/goform/WifiGuestSet`.

Follow secure coding and configuration practices, including input validation and least privilege principles, as recommended for long-term remediation.

Compliance Impact

The provided information does not specify how the CVE-2026-13516 vulnerability impacts compliance with common standards and regulations such as GDPR or HIPAA.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-13516. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart