CVE-2026-4041 | Tenda i12 1.0.0.6(2204) /goform/exeCommand vos_strcpy cmdinput stack-based overflow

Inserito da Angelo Barbosa | Mar 12, 2026 | CVE

A vulnerability categorized as critical has been discovered in Tenda i12 1.0.0.6(2204). Impacted is the function vos_strcpy of the file /goform/exeCommand. The manipulation of the argument cmdinput results in stack-based buffer overflow.

This vulnerability is reported as CVE-2026-4041. The attack can be launched remotely. Moreover, an exploit is present.

CVE-2026-4041 | Tenda i12 1.0.0.6(2204) /goform/exeCommand vos_strcpy cmdinput stack-based overflow

Post correlati

CVE-2024-3434 | CP Plus Wi-Fi Camera up to 20240401 User Management improper authorization

CVE-2025-23710 | Mayur Sojitra Flying Twitter Birds Plugin up to 1.8 on WordPress cross-site request forgery

CVE-2025-11289 | westboy CicadasCMS up to 2431154dac8d0735e04f1fd2a3c3556668fc8dab Template Management Page TemplateFileServiceImpl.java save cross site scripting

CVE-2024-23186 | Open-Xchange OX App Suite up to 8.21 Web Interface cross site scripting