CVE-2026-2185 | Tenda RX3 16.03.13.11 MAC Filtering Configuration Endpoint /goform/setBlackRule set_device_name devName/mac stack-based overflow

Inserito da Angelo Barbosa | Feb 7, 2026 | CVE

A vulnerability marked as critical has been reported in Tenda RX3 16.03.13.11. This issue affects the function set_device_name of the file /goform/setBlackRule of the component MAC Filtering Configuration Endpoint. This manipulation of the argument devName/mac causes stack-based buffer overflow.

This vulnerability is tracked as CVE-2026-2185. The attack is possible to be carried out remotely. Moreover, an exploit is present.

CVE-2026-2185 | Tenda RX3 16.03.13.11 MAC Filtering Configuration Endpoint /goform/setBlackRule set_device_name devName/mac stack-based overflow

Post correlati

CVE-2025-52939 | dail8859 NotepadNext up to 0.11 ldebug.C out-of-bounds write

CVE-2024-6763 | Eclipse Jetty up to 12.0.11 URL Parser improper validation of syntactic correctness of input (ID 25)

CVE-2024-29511 | Artifex Ghostscript up to 10.03.0 Tesseract /tmp/out debug_file path traversal

CVE-2024-7922 | D-Link DNS-1550-04 up to 20240814 /cgi-bin/myMusic.cgi command injection