CVE-2026-11523 | Tenda W20E 15.11.0.6 Web Management Interface /goform/PortalAuth formPortalAuth gotoUrl stack-based overflow

Inserito da Angelo Barbosa | Giu 7, 2026 | CVE

A vulnerability was found in Tenda W20E 15.11.0.6 and classified as critical. This issue affects the function formPortalAuth of the file /goform/PortalAuth of the component Web Management Interface. Executing a manipulation of the argument gotoUrl can lead to stack-based buffer overflow.

This vulnerability is tracked as CVE-2026-11523. The attack can be launched remotely. Moreover, an exploit is present.

CVE-2026-11523 | Tenda W20E 15.11.0.6 Web Management Interface /goform/PortalAuth formPortalAuth gotoUrl stack-based overflow

Post correlati

CVE-2023-42949 | Apple iOS/iPadOS Temporary Directory access control

CVE-2024-11527 | IrfanView DWG File Parser memory corruption (ZDI-24-1538)

CVE-2024-31817 | Totolink EX200 up to 4.0.3c.7646_B20201211 getSysStatusCfg information disclosure

VDB-278245 | Backdoor.Win32.Delf.yj Service Port 8080 information disclosure