Stack-Based Buffer Overflow in Tenda JD12L Router

Executive Summary

CVE-2026-13517 is a buffer overflow vulnerability found in the Tenda Router JD12L Pro firmware version V16.03.53.23. It exists in the function formWifiBasicSet, specifically in the handling of the security_5g parameter in POST requests to the /goform/WifiBasicSet endpoint.

The vulnerability arises because the security_5g parameter is copied into a fixed 256-byte buffer using the unsafe strcpy function without proper bounds checking. An attacker can send input larger than 256 bytes, causing a stack-based buffer overflow.

This overflow can lead to application crashes, memory corruption, or arbitrary code execution, potentially allowing an attacker to take control of the router remotely without authentication.

Useful 0 Not Useful 0

Impact Analysis

Exploitation of this vulnerability can have serious impacts including denial-of-service attacks by crashing the router, arbitrary code execution allowing attackers to run malicious code on the device, and information leakage.

An attacker who successfully exploits this flaw could take control of the router, monitor network traffic, or use the compromised device as a pivot point to attack other devices on the network.

This compromises device stability, data confidentiality, and overall system security.

Useful 0 Not Useful 0

Detection Guidance

This vulnerability can be detected by sending a specially crafted POST request to the /goform/WifiBasicSet endpoint of the Tenda JD12L router running firmware version V16.03.53.23. The request should include an oversized security_5g parameter that exceeds the expected 256-byte buffer size.

A proof-of-concept Python script exists that sends such a POST request with an oversized security_5g parameter to test for the buffer overflow vulnerability.

For manual detection, you can use curl or similar tools to send a POST request with a large security_5g parameter, for example:

• curl -X POST http://<router-ip>/goform/WifiBasicSet -d "security_5g=$(python3 -c 'print("A"*300)')"

If the device crashes, behaves unexpectedly, or returns errors, it may be vulnerable.

Useful 0 Not Useful 0

Mitigation Strategies

Immediate mitigation steps include applying any available firmware updates from Tenda that address this vulnerability.

If updates are not available, restrict access to the router's management interface to trusted networks only, to reduce the risk of remote exploitation.

Disable remote management features if possible, to prevent attackers from sending malicious POST requests remotely.

Implement network-level protections such as firewall rules to block suspicious POST requests targeting /goform/WifiBasicSet.

Long term, the vulnerability should be fixed by the vendor by replacing unsafe functions like strcpy with safer alternatives, validating input length, and sanitizing user input.

Useful 0 Not Useful 0