Description
A vulnerability has been found in Tenda BE12 Pro 16.03.66.23. The impacted element is the function fromVirtualSer of the file /goform/VirtualSer. Such manipulation of the argument page leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
Problem types
Product status
Timeline
| 2026-07-14: | Advisory disclosed |
| 2026-07-14: | VulDB entry created |
| 2026-07-14: | VulDB entry last update |
Credits
dexingzhiqing (VulDB User)
References
vuldb.com/vuln/378243 (VDB-378243 | Tenda BE12 Pro VirtualSer fromVirtualSer stack-based overflow)
vuldb.com/vuln/378243/cti (VDB-378243 | CTI Indicators (IOB, IOC, IOA))
vuldb.com/cve/CVE-2026-15696 (CVE-2026-15696 | CVE Analysis and Report)
vuldb.com/submit/856019 (Submit #856019 | Tenda BE12 Pro V16.03.66.23 Stack-based Buffer Overflow)
github.com/cve-a/dexingzhiqing/issues/6
www.tenda.com.cn/