Description
A vulnerability was detected in Tenda BE12 Pro 16.03.66.23. Impacted is the function fromSetIpBind of the file /goform/SetIpBind. The manipulation of the argument page results in stack-based buffer overflow. It is possible to launch the attack remotely. The exploit is now public and may be used.
Problem types
Product status
Timeline
| 2026-07-14: | Advisory disclosed |
| 2026-07-14: | VulDB entry created |
| 2026-07-14: | VulDB entry last update |
Credits
dexingzhiqing (VulDB User)
References
vuldb.com/vuln/378241 (VDB-378241 | Tenda BE12 Pro SetIpBind fromSetIpBind stack-based overflow)
vuldb.com/vuln/378241/cti (VDB-378241 | CTI Indicators (IOB, IOC, IOA))
vuldb.com/cve/CVE-2026-15694 (CVE-2026-15694 | CVE Analysis and Report)
vuldb.com/submit/856015 (Submit #856015 | Tenda BE12 Pro V16.03.66.23 Stack-based Buffer Overflow)
github.com/cve-a/dexingzhiqing/issues/4
www.tenda.com.cn/