CVE-2026-7034

· NIST NVD ↗

A vulnerability was found in Tenda FH1202 1.2.0.14(408). Affected by this issue is the function WrlExtraSet of the file /goform/WrlExtraSet of the component httpd. Performing a manipulation of the argument Go results in stack-based buffer overflow. The attack may be initiated remotely. The exploit has been made public and could be used.

HIGH
CVSS severity
8.8
CVSS base score
2026-04-26
Published

CWE codes

CWE-119CWE-121

Affected products

tenda:fh1202_firmwaretenda:fh1202

Sources