CVE-2026-3974 | Tenda W3 1.0.0.3(2204) HTTP /goform/exeCommand formexeCommand cmdinput stack-based overflow

Inserito da Angelo Barbosa | Mar 11, 2026 | CVE

A vulnerability, which was classified as critical, was found in Tenda W3 1.0.0.3(2204). This vulnerability affects the function formexeCommand of the file /goform/exeCommand of the component HTTP Handler. Such manipulation of the argument cmdinput leads to stack-based buffer overflow.

This vulnerability is listed as CVE-2026-3974. The attack may be performed from remote. In addition, an exploit is available.

CVE-2026-3974 | Tenda W3 1.0.0.3(2204) HTTP /goform/exeCommand formexeCommand cmdinput stack-based overflow

Post correlati

CVE-2025-13574 | code-projects Online Bidding System 1.0 addcategory.php categoryadd catimage unrestricted upload

CVE-2024-13480 | enituretechnology LTL Freight Quotes Plugin up to 3.4.1 on WordPress edit_id/dropship_edit_id sql injection

CVE-2025-6239 | Zoho ManageEngine Applications Manager up to 176800 File Monitor information disclosure

CVE-2024-52298 | xwikisas macro-pdfviewer up to 2.5.5 Delegate my view right inclusion of sensitive information in source code comments (GHSA-hph4-7j37-7c97)