Description
A vulnerability was found in Tenda i3 1.0.0.6(2204). Affected by this vulnerability is the function formSetAutoPing of the file /goform/setAutoPing. Performing a manipulation of the argument ping1/ping2 results in stack-based buffer overflow. The attack is possible to be carried out remotely. The exploit has been made public and could be used.
Published: 2026-03-09
Score: 8.7 High
EPSS: < 1% Very Low
KEV: No
Impact: Remote stack-based buffer overflow
Action: Immediate Patch
AI Analysis

Impact

The vulnerability resides in the formSetAutoPing handler of the Tenda i3 firmware 1.0.0.6(2204). When an attacker manipulates the ping1 and ping2 parameters, a stack-based buffer overflow is triggered, potentially allowing arbitrary code execution on the device. The flaw is a classic CWE‑119/121 buffer overrun and could compromise the entire router.

Affected Systems

Tenda i3 routers running firmware version 1.0.0.6(2204). The device is marketed by Tenda, and the vulnerable handler is reachable through the web interface at /goform/setAutoPing.

Risk and Exploitability

The CVSS score of 8.7 reflects a high‑severity vulnerability that can be exploited remotely, enabling attackers to manipulate the ping1 and ping2 parameters and trigger a stack-based buffer overflow. EPSS indicates <1% likelihood of exploitation, and the flaw is not listed in the CISA KEV catalog, but publicly available exploits exist. An attacker can reach the vulnerable endpoint from any external network, manipulate the arguments, and may gain full control of the router.

Generated by OpenCVE AI on April 17, 2026 at 11:56 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the latest firmware update from Tenda that fixes the formSetAutoPing buffer overflow.
  • Limit access to the router's management interface to trusted local networks or IP addresses.
  • Disable or block the /goform/setAutoPing endpoint if auto‑ping functionality is unnecessary.

Advisories

No advisories yet.

History

Tue, 10 Mar 2026 16:15:00 +0000

| Type | Values Removed | Values Added |
|---|---|---|
| Metrics | | ssvc {'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'total'}, 'version': '2.0.3'} |


Mon, 09 Mar 2026 16:15:00 +0000

| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared | | Tenda; Tenda i3; Tenda i3 Firmware |
| CPEs | | cpe:2.3:h:tenda:i3:-:*:*:*:*:*:*:*; cpe:2.3:o:tenda:i3_firmware:1.0.0.6\(2204\):*:*:*:*:*:*:* |
| Vendors & Products | | Tenda; Tenda i3; Tenda i3 Firmware |

Mon, 09 Mar 2026 04:15:00 +0000

| Type | Values Removed | Values Added |
|---|---|---|
| Description | | A vulnerability was found in Tenda i3 1.0.0.6(2204). Affected by this vulnerability is the function formSetAutoPing of the file /goform/setAutoPing. Performing a manipulation of the argument ping1/ping2 results in stack-based buffer overflow. The attack is possible to be carried out remotely. The exploit has been made public and could be used. |
| Title | | Tenda i3 setAutoPing formSetAutoPing stack-based overflow |
| Weaknesses | | CWE-119; CWE-121 |
| References | | |
| Metrics | | cvssV2_0 {'score': 9, 'vector': 'AV:N/AC:L/Au:S/C:C/I:C/A:C/E:POC/RL:ND/RC:UR'}; cvssV3_0 {'score': 8.8, 'vector': 'CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R'}; cvssV3_1 {'score': 8.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R'}; cvssV4_0 {'score': 8.7, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P'} |


MITRE

Status: PUBLISHED

Assigner: VulDB

Published:

Updated: 2026-03-10T15:52:29.729Z

Reserved: 2026-03-08T12:39:28.627Z

Link: CVE-2026-3801

Vulnrichment

Updated: 2026-03-10T15:52:18.181Z

NVD

Status: Analyzed

Published: 2026-03-09T04:16:08.643

Modified: 2026-03-09T16:14:42.520

Link: CVE-2026-3801

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-17T12:00:11Z
