VYPR

CWE-121

Stack-based Buffer Overflow

VariantDraftLikelihood: High

Description

A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function).

Hierarchy (View 1000)

Children

none

CVEs mapped to this weakness (790)

page 18 of 40
  • CVE-2026-4493HigMar 20, 2026
    risk 0.57cvss 8.8epss 0.01

    A vulnerability was determined in Tenda A18 Pro 02.03.02.28. The impacted element is the function sub_423B50 of the file /goform/setMacFilterCfg of the component MAC Filtering Configuration Endpoint. Executing a manipulation of the argument deviceList can lead to stack-based…

  • CVE-2026-4492HigMar 20, 2026
    risk 0.57cvss 8.8epss 0.01

    A vulnerability was found in Tenda A18 Pro 02.03.02.28. The affected element is the function set_qosMib_list of the file /goform/formSetQosBand. Performing a manipulation of the argument list results in stack-based buffer overflow. The attack is possible to be carried out…

  • CVE-2026-4491HigMar 20, 2026
    risk 0.57cvss 8.8epss 0.00

    A vulnerability has been found in Tenda A18 Pro 02.03.02.28. Impacted is the function fromSetIpMacBind of the file /goform/SetIpMacBind. Such manipulation of the argument list leads to stack-based buffer overflow. The attack can be executed remotely. The exploit has been…

  • CVE-2026-4490HigMar 20, 2026
    risk 0.57cvss 8.8epss 0.01

    A flaw has been found in Tenda A18 Pro 02.03.02.28. This issue affects the function setSchedWifi of the file /goform/openSchedWifi. This manipulation causes stack-based buffer overflow. Remote exploitation of the attack is possible. The exploit has been published and may be used.

  • CVE-2026-4489HigMar 20, 2026
    risk 0.57cvss 8.8epss 0.01

    A vulnerability was detected in Tenda A18 Pro 02.03.02.28. This vulnerability affects the function form_fast_setting_wifi_set of the file /goform/fast_setting_wifi_set. The manipulation results in stack-based buffer overflow. The attack may be launched remotely. The exploit is…

  • CVE-2026-4486HigMar 20, 2026
    risk 0.57cvss 8.8epss 0.01

    A vulnerability was found in D-Link DIR-513 1.10. This affects the function formEasySetPassword of the file /goform/formEasySetPassword of the component Web Service. The manipulation of the argument curTime results in stack-based buffer overflow. The attack may be performed from…

  • CVE-2026-4188HigMar 16, 2026
    risk 0.57cvss 8.8epss 0.00

    A security flaw has been discovered in D-Link DIR-619L 2.06B01. The affected element is the function formSchedule of the file /goform/formSchedule of the component boa. Performing a manipulation of the argument curTime results in stack-based buffer overflow. The attack may be…

  • CVE-2026-4167HigMar 16, 2026
    risk 0.57cvss 8.8epss 0.00

    A vulnerability was determined in Belkin F9K1122 1.00.33. This affects the function formReboot of the file /goform/formReboot. This manipulation of the argument webpage causes stack-based buffer overflow. The attack may be initiated remotely. The exploit has been publicly…

  • CVE-2026-4043HigMar 12, 2026
    risk 0.57cvss 8.8epss 0.01

    A security vulnerability has been detected in Tenda i12 1.0.0.6(2204). The impacted element is the function formwrlSSIDget of the file /goform/wifiSSIDget. Such manipulation of the argument index leads to stack-based buffer overflow. The attack may be launched remotely. The…

  • CVE-2026-4042HigMar 12, 2026
    risk 0.57cvss 8.8epss 0.01

    A weakness has been identified in Tenda i12 1.0.0.6(2204). The affected element is the function formWifiMacFilterGet of the file /goform/WifiMacFilterGet. This manipulation of the argument index causes stack-based buffer overflow. The attack may be initiated remotely. The…

  • CVE-2026-4041HigMar 12, 2026
    risk 0.57cvss 8.8epss 0.01

    A security flaw has been discovered in Tenda i12 1.0.0.6(2204). Impacted is the function vos_strcpy of the file /goform/exeCommand. The manipulation of the argument cmdinput results in stack-based buffer overflow. The attack can be launched remotely. The exploit has been…

  • CVE-2026-4008HigMar 12, 2026
    risk 0.57cvss 8.8epss 0.01

    A flaw has been found in Tenda W3 1.0.0.3(2204). This issue affects some unknown processing of the file /goform/wifiSSIDset of the component POST Parameter Handler. Executing a manipulation of the argument index/GO can lead to stack-based buffer overflow. It is possible to…

  • CVE-2026-4007HigMar 12, 2026
    risk 0.57cvss 8.8epss 0.01

    A vulnerability was detected in Tenda W3 1.0.0.3(2204). This vulnerability affects unknown code of the file /goform/wifiSSIDget of the component POST Parameter Handler. Performing a manipulation of the argument index results in stack-based buffer overflow. It is possible to…

  • CVE-2026-3976HigMar 12, 2026
    risk 0.57cvss 8.8epss 0.01

    A weakness has been identified in Tenda W3 1.0.0.3(2204). Impacted is the function formWifiMacFilterSet of the file /goform/WifiMacFilterSet of the component POST Parameter Handler. Executing a manipulation of the argument index/GO can lead to stack-based buffer overflow. It is…

  • CVE-2026-3975HigMar 12, 2026
    risk 0.57cvss 8.8epss 0.01

    A security flaw has been discovered in Tenda W3 1.0.0.3(2204). This issue affects the function formWifiMacFilterGet of the file /goform/WifiMacFilterGet of the component POST Parameter Handler. Performing a manipulation of the argument wl_radio results in stack-based buffer…

  • CVE-2026-3974HigMar 12, 2026
    risk 0.57cvss 8.8epss 0.01

    A vulnerability was identified in Tenda W3 1.0.0.3(2204). This vulnerability affects the function formexeCommand of the file /goform/exeCommand of the component HTTP Handler. Such manipulation of the argument cmdinput leads to stack-based buffer overflow. The attack may be…

  • CVE-2026-3973HigMar 12, 2026
    risk 0.57cvss 8.8epss 0.01

    A vulnerability was determined in Tenda W3 1.0.0.3(2204). This affects the function formSetAutoPing of the file /goform/setAutoPing of the component POST Parameter Handler. This manipulation of the argument ping1/ping2 causes stack-based buffer overflow. The attack is possible…

  • CVE-2026-3972HigMar 12, 2026
    risk 0.57cvss 8.8epss 0.01

    A vulnerability was found in Tenda W3 1.0.0.3(2204). Affected by this issue is the function formSetCfm of the file /goform/setcfm of the component HTTP Handler. The manipulation of the argument funcpara1 results in stack-based buffer overflow. The attack can only be performed…

  • CVE-2026-3971HigMar 12, 2026
    risk 0.57cvss 8.8epss 0.01

    A vulnerability has been found in Tenda i3 1.0.0.6(2204). Affected by this vulnerability is the function formwrlSSIDset of the file /goform/wifiSSIDset. The manipulation of the argument index/GO leads to stack-based buffer overflow. Remote exploitation of the attack is possible.…

  • CVE-2026-3970HigMar 12, 2026
    risk 0.57cvss 8.8epss 0.01

    A flaw has been found in Tenda i3 1.0.0.6(2204). Affected is the function formwrlSSIDget of the file /goform/wifiSSIDget. Executing a manipulation of the argument index can lead to stack-based buffer overflow. The attack may be launched remotely. The exploit has been published…