| Title | Tenda i3 V1.0.0.7(3856) Buffer Overflow |
|---|
| Description | A stack-based buffer overflow vulnerability exists in Tenda i3 V1.0.0.7(3856) in the formWifiMacFilterSet handler at /goform/WifiMacFilterSet. The vulnerable argument is the POST parameter GO. The handler copies this parameter into a fixed-size stack buffer without validating the input length. An oversized GO value can corrupt the stack, crash the web server process, and may allow arbitrary code execution. This issue affects the same endpoint as the index variant but is independently triggerable via the GO parameter. |
|---|
| Source | ⚠️ https://github.com/Svigo-o/Tenda_vul/tree/main/tenda-i3-v1.0.0.7(3856)-formWifiMacFilterSet-go-buffer-overflow |
|---|
| User | m202572177 (UID 95972) |
|---|
| Submission | 03/12/2026 03:42 (4 months ago) |
|---|
| Moderation | 03/27/2026 13:49 (15 days later) |
|---|
| Status | Duplicate |
|---|
| VulDB entry | 349771 [Tenda i3 1.0.0.6(2204) /goform/WifiMacFilterSet formWifiMacFilterSet index stack-based overflow] |
|---|
| Points | 0 |
|---|