Description
A security flaw has been discovered in Tenda BE12 Pro 16.03.66.23. This affects the function fromSafeClientFilter of the file /goform/SafeClientFilter. Performing a manipulation of the argument page results in stack-based buffer overflow. The attack is possible to be carried out remotely. The exploit has been released to the public and may be used for attacks.
Problem types
Product status
Timeline
| 2026-07-14: | Advisory disclosed |
| 2026-07-14: | VulDB entry created |
| 2026-07-14: | VulDB entry last update |
Credits
dexingzhiqing (VulDB User)
References
vuldb.com/vuln/378238 (VDB-378238 | Tenda BE12 Pro SafeClientFilter fromSafeClientFilter stack-based overflow)
vuldb.com/vuln/378238/cti (VDB-378238 | CTI Indicators (IOB, IOC, IOA))
vuldb.com/cve/CVE-2026-15691 (CVE-2026-15691 | CVE Analysis and Report)
vuldb.com/submit/855999 (Submit #855999 | Tenda BE12 Pro V16.03.66.23 Stack-based Buffer Overflow)
github.com/cve-a/dexingzhiqing/issues/1
www.tenda.com.cn/