CVE-2026-2872 | Tenda A21 1.0.0.0 MAC Filtering Configuration Endpoint /goform/setBlackRule set_device_name devName/mac stack-based overflow

Inserito da Angelo Barbosa | Feb 20, 2026 | CVE

A vulnerability was found in Tenda A21 1.0.0.0. It has been declared as critical. This vulnerability affects the function set_device_name of the file /goform/setBlackRule of the component MAC Filtering Configuration Endpoint. Such manipulation of the argument devName/mac leads to stack-based buffer overflow.

This vulnerability is listed as CVE-2026-2872. The attack may be performed from remote. In addition, an exploit is available.

CVE-2026-2872 | Tenda A21 1.0.0.0 MAC Filtering Configuration Endpoint /goform/setBlackRule set_device_name devName/mac stack-based overflow

Post correlati

CVE-2025-60361 | Radare2 up to 5.9.8 bochs_open memory leak

CVE-2024-4863 | Kadence Gutenberg Blocks Plugin up to 3.2.38 on WordPress titleFont cross site scripting

CVE-2025-26320 | t0mer BroadlinkManager 5.9.1 /device/ping IP Address os command injection

CVE-2023-52072 | sunkaifei FlyCMS 1.0 userconfig_updagte cross-site request forgery