Description
A vulnerability was detected in Tenda W20E 15.11.0.6. This vulnerability affects the function formSetPortMirror of the file /goform/setPortMirror. Performing a manipulation of the argument portMirrorMirroredPorts results in stack-based buffer overflow. The attack can be initiated remotely. The exploit is now public and may be used.
Published: 2026-06-08
Score: 8.7 High
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

A stack‑based buffer overflow exists in the Tenda W20E firmware version 15.11.0.6 when the formSetPortMirror endpoint receives an oversized portMirrorMirroredPorts argument. This flaw can lead to arbitrary code execution or a system crash on the router. The vulnerability is a classic stack overflow (CWE-119, CWE-121) that potentially compromises confidentiality, integrity, or availability of the device and any network it routes.

Affected Systems

The affected device is the Tenda W20E model. The specific firmware impacted is 15.11.0.6. No other products or versions are listed as affected.

Risk and Exploitability

The CVSS score of 8.7 indicates high severity. The EPSS score is not available, so no estimation of exploitation probability is provided. The exploit is publicly available and can be launched remotely against the web interface. The vulnerability is not yet in the CISA KEV catalog. The likely attack vector is an unauthenticated remote attacker sending a crafted HTTP request to the setPortMirror endpoint from outside the local network.

Generated by OpenCVE AI on June 8, 2026 at 16:53 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the latest Tenda W20E firmware that addresses this issue, if a patch has been released.
  • Configure the router or firewall to block any remote HTTP requests to the /goform/setPortMirror URL.
  • Disable the port mirroring feature through the router's configuration interface, or limit the number of ports that can be mirrored to reduce the possibility of an overflow.

Generated by OpenCVE AI on June 8, 2026 at 16:53 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Mon, 08 Jun 2026 17:30:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Mon, 08 Jun 2026 16:45:00 +0000

Type Values Removed Values Added
First Time appeared Tenda w20e
Vendors & Products Tenda w20e

Mon, 08 Jun 2026 15:45:00 +0000

Type Values Removed Values Added
Description A vulnerability was detected in Tenda W20E 15.11.0.6. This vulnerability affects the function formSetPortMirror of the file /goform/setPortMirror. Performing a manipulation of the argument portMirrorMirroredPorts results in stack-based buffer overflow. The attack can be initiated remotely. The exploit is now public and may be used.
Title Tenda W20E setPortMirror formSetPortMirror stack-based overflow
First Time appeared Tenda
Tenda w20e Firmware
Weaknesses CWE-119
CWE-121
CPEs cpe:2.3:o:tenda:w20e_firmware:*:*:*:*:*:*:*:*
Vendors & Products Tenda
Tenda w20e Firmware
References
Metrics cvssV2_0

{'score': 9, 'vector': 'AV:N/AC:L/Au:S/C:C/I:C/A:C/E:POC/RL:ND/RC:UR'}

cvssV3_0

{'score': 8.8, 'vector': 'CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R'}

cvssV3_1

{'score': 8.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R'}

cvssV4_0

{'score': 8.7, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P'}

Subscriptions

Tenda W20e W20e Firmware
cve-icon MITRE

Status: PUBLISHED

Assigner: VulDB

Published:

Updated: 2026-06-08T15:52:25.265Z

Reserved: 2026-06-07T16:06:39.937Z

Link: CVE-2026-11522

cve-icon Vulnrichment

Updated: 2026-06-08T15:52:21.528Z

cve-icon NVD

Status : Deferred

Published: 2026-06-08T16:16:36.920

Modified: 2026-06-09T01:34:33.987

Link: CVE-2026-11522

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-06-08T17:00:16Z

Weaknesses