Description
A security flaw has been discovered in Tenda i12 1.0.0.6(2204). Impacted is the function vos_strcpy of the file /goform/exeCommand. The manipulation of the argument cmdinput results in stack-based buffer overflow. The attack can be launched remotely. The exploit has been released to the public and may be used for attacks.
Published: 2026-03-12
Score: 8.7 High
EPSS: < 1% Very Low
KEV: No
Impact: Remote Code Execution
Action: Immediate Patch
AI Analysis

Impact

The vulnerability is a stack-based buffer overflow in the vos_strcpy function of Tenda i12 firmware version 1.0.0.6(2204). An attacker can manipulate the cmdinput argument supplied to the /goform/exeCommand endpoint to overflow the stack, allowing arbitrary code execution. The flaw is classified under CWE-119 and CWE-121.

Affected Systems

All Tenda i12 routers running firmware 1.0.0.6(2204) are affected. The vulnerability exists in the /goform/exeCommand functionality.

Risk and Exploitability

The CVSS score of 8.7 indicates high severity, and the EPSS score of less than 1% suggests a low probability of exploitation in the wild. Although not listed in the CISA KEV catalog, public exploit code is available, and the attack can be launched remotely by sending a crafted cmdinput string. If exploited, the attacker could gain full control of the device.

Generated by OpenCVE AI on March 18, 2026 at 15:15 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade to a Tenda i12 firmware release that addresses the buffer overflow once one is available
  • If an update is not available, restrict or disable remote access to the /goform/exeCommand endpoint
  • Implement firewall rules to limit external IPs that can reach the router’s administrative interface
  • Monitor device logs and traffic for anomalous command execution attempts

Advisories

No advisories yet.

History

Thu, 02 Apr 2026 20:30:00 +0000

| Type | Values Removed | Values Added |
|---|---|---|
| Weaknesses | | CWE-787 |
| CPEs | | cpe:2.3:h:tenda:i12:-:*:*:*:*:*:*:*, cpe:2.3:o:tenda:i12_firmware:1.0.0.6\(2204\):*:*:*:*:*:*:* |

Fri, 13 Mar 2026 10:00:00 +0000

| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared | | Tenda i12 |
| Vendors & Products | | Tenda i12 |

Thu, 12 Mar 2026 16:15:00 +0000

| Type | Values Removed | Values Added |
|---|---|---|
| Metrics | | ssvc: {'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'total'}, 'version': '2.0.3'} |


Thu, 12 Mar 2026 15:15:00 +0000

| Type | Values Removed | Values Added |
|---|---|---|
| Description | | A security flaw has been discovered in Tenda i12 1.0.0.6(2204). Impacted is the function vos_strcpy of the file /goform/exeCommand. The manipulation of the argument cmdinput results in stack-based buffer overflow. The attack can be launched remotely. The exploit has been released to the public and may be used for attacks. |
| Title | | Tenda i12 exeCommand vos_strcpy stack-based overflow |
| First Time appeared | | Tenda; Tenda i12 Firmware |
| Weaknesses | | CWE-119; CWE-121 |
| CPEs | | cpe:2.3:o:tenda:i12_firmware:*:*:*:*:*:*:*:* |
| Vendors & Products | | Tenda; Tenda i12 Firmware |
| References | | |
| Metrics | | cvssV2_0: {'score': 9, 'vector': 'AV:N/AC:L/Au:S/C:C/I:C/A:C/E:POC/RL:ND/RC:UR'}; cvssV3_0: {'score': 8.8, 'vector': 'CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R'}; cvssV3_1: {'score': 8.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R'}; cvssV4_0: {'score': 8.7, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P'} |


MITRE

Status: PUBLISHED

Assigner: VulDB

Published:

Updated: 2026-03-12T15:34:55.150Z

Reserved: 2026-03-12T08:29:58.398Z

Link: CVE-2026-4041

Vulnrichment

Updated: 2026-03-12T15:34:51.304Z

NVD

Status: Analyzed

Published: 2026-03-12T15:16:33.550

Modified: 2026-04-02T20:05:05.733

Link: CVE-2026-4041

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-03-20T15:49:46Z