Description
A flaw has been found in Tenda BE12 Pro 16.03.66.23. The affected element is the function fromDhcpListClient of the file /goform/DhcpListClient. This manipulation of the argument page causes stack-based buffer overflow. The attack can be initiated remotely. The exploit has been published and may be used.
Problem types
Product status
Timeline
| 2026-07-14: | Advisory disclosed |
| 2026-07-14: | VulDB entry created |
| 2026-07-14: | VulDB entry last update |
Credits
dexingzhiqing (VulDB User)
References
vuldb.com/vuln/378242 (VDB-378242 | Tenda BE12 Pro DhcpListClient fromDhcpListClient stack-based overflow)
vuldb.com/vuln/378242/cti (VDB-378242 | CTI Indicators (IOB, IOC, IOA))
vuldb.com/cve/CVE-2026-15695 (CVE-2026-15695 | CVE Analysis and Report)
vuldb.com/submit/856017 (Submit #856017 | Tenda BE12 Pro V16.03.66.23 Stack-based Buffer Overflow)
github.com/cve-a/dexingzhiqing/issues/5
www.tenda.com.cn/