Security Advisory

CVE-2026-3972

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2026-03-12 01:32:09

Last updated 2026-03-12 16:23:07

Assigner VulDB

State PUBLISHED

Description

A vulnerability was found in Tenda W3 1.0.0.3(2204). Affected by this issue is the function formSetCfm of the file /goform/setcfm of the component HTTP Handler. The manipulation of the argument funcpara1 results in stack-based buffer overflow. The attack can only be performed from the local network. The exploit has been made public and could be used.

← Browse all CVEs View on cve.org ↗