{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-1329", "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "state": "PUBLISHED", "assignerShortName": "VulDB", "dateReserved": "2026-01-22T07:51:42.763Z", "datePublished": "2026-01-22T14:32:18.996Z", "dateUpdated": "2026-02-23T08:53:35.403Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "shortName": "VulDB", "dateUpdated": "2026-02-23T08:53:35.403Z"}, "title": "Tenda AX1803 WifiGuestSet fromGetWifiGuestBasic stack-based overflow", "problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-121", "lang": "en", "description": "Stack-based Buffer Overflow"}]}, {"descriptions": [{"type": "CWE", "cweId": "CWE-119", "lang": "en", "description": "Memory Corruption"}]}], "affected": [{"vendor": "Tenda", "product": "AX1803", "versions": [{"version": "1.0.0.1", "status": "affected"}], "cpes": ["cpe:2.3:o:tenda:ax1803_firmware:*:*:*:*:*:*:*:*"]}], "descriptions": [{"lang": "en", "value": "A flaw has been found in Tenda AX1803 1.0.0.1. The affected element is the function fromGetWifiGuestBasic of the file /goform/WifiGuestSet. Executing a manipulation of the argument guestWrlPwd/guestEn/guestSsid/hideSsid/guestSecurity can lead to stack-based buffer overflow. The attack may be launched remotely. The exploit has been published and may be used."}], "metrics": [{"cvssV4_0": {"version": "4.0", "baseScore": 8.7, "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P", "baseSeverity": "HIGH"}}, {"cvssV3_1": {"version": "3.1", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R", "baseSeverity": "HIGH"}}, {"cvssV3_0": {"version": "3.0", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R", "baseSeverity": "HIGH"}}, {"cvssV2_0": {"version": "2.0", "baseScore": 9, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C/E:POC/RL:ND/RC:UR"}}], "timeline": [{"time": "2026-01-22T00:00:00.000Z", "lang": "en", "value": "Advisory disclosed"}, {"time": "2026-01-22T01:00:00.000Z", "lang": "en", "value": "VulDB entry created"}, {"time": "2026-01-24T15:20:19.000Z", "lang": "en", "value": "VulDB entry last update"}], "credits": [{"lang": "en", "value": "wlupus (VulDB User)", "type": "reporter"}], "references": [{"url": "https://vuldb.com/?id.342305", "name": "VDB-342305 | Tenda AX1803 WifiGuestSet fromGetWifiGuestBasic stack-based overflow", "tags": ["vdb-entry", "technical-description"]}, {"url": "https://vuldb.com/?ctiid.342305", "name": "VDB-342305 | CTI Indicators (IOB, IOC, IOA)", "tags": ["signature", "permissions-required"]}, {"url": "https://vuldb.com/?submit.736063", "name": "Submit #736063 | Tenda AX1803 V1.0.0.1 Stack-based Buffer Overflow", "tags": ["third-party-advisory"]}, {"url": "https://vuldb.com/?submit.736064", "name": "Submit #736064 | Tenda AX1803 V1.0.0.1 Stack-based Buffer Overflow (Duplicate)", "tags": ["third-party-advisory"]}, {"url": "https://vuldb.com/?submit.736065", "name": "Submit #736065 | Tenda AX1803 V1.0.0.1 Stack-based Buffer Overflow (Duplicate)", "tags": ["third-party-advisory"]}, {"url": "https://vuldb.com/?submit.736066", "name": "Submit #736066 | Tenda AX1803 V1.0.0.1 Stack-based Buffer Overflow (Duplicate)", "tags": ["third-party-advisory"]}, {"url": "https://vuldb.com/?submit.736067", "name": "Submit #736067 | Tenda AX1803 V1.0.0.1 Stack-based Buffer Overflow (Duplicate)", "tags": ["third-party-advisory"]}, {"url": "https://river-brow-763.notion.site/Tenda-AX1803-Buffer-Overflow-in-fromGetWifiGusetBasic-2e3a595a7aef80a78225db34317daa40#2e3a595a7aef801ab517e4af5631227a", "tags": ["exploit"]}, {"url": "https://www.tenda.com.cn/", "tags": ["product"]}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-01-22T15:07:23.213068Z", "id": "CVE-2026-1329", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-01-22T15:08:03.723Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-1329", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2026-01-22T15:07:23.213068Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-01-22T15:07:54.842Z"}}], "cna": {"title": "Tenda AX1803 WifiGuestSet fromGetWifiGuestBasic stack-based overflow", "credits": [{"lang": "en", "type": "reporter", "value": "wlupus (VulDB User)"}], "metrics": [{"cvssV4_0": {"version": "4.0", "baseScore": 8.7, "baseSeverity": "HIGH", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P"}}, {"cvssV3_1": {"version": "3.1", "baseScore": 8.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R"}}, {"cvssV3_0": {"version": "3.0", "baseScore": 8.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R"}}, {"cvssV2_0": {"version": "2.0", "baseScore": 9, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C/E:POC/RL:ND/RC:UR"}}], "affected": [{"cpes": ["cpe:2.3:o:tenda:ax1803_firmware:*:*:*:*:*:*:*:*"], "vendor": "Tenda", "product": "AX1803", "versions": [{"status": "affected", "version": "1.0.0.1"}]}], "timeline": [{"lang": "en", "time": "2026-01-22T00:00:00.000Z", "value": "Advisory disclosed"}, {"lang": "en", "time": "2026-01-22T01:00:00.000Z", "value": "VulDB entry created"}, {"lang": "en", "time": "2026-01-24T15:20:19.000Z", "value": "VulDB entry last update"}], "references": [{"url": "https://vuldb.com/?id.342305", "name": "VDB-342305 | Tenda AX1803 WifiGuestSet fromGetWifiGuestBasic stack-based overflow", "tags": ["vdb-entry", "technical-description"]}, {"url": "https://vuldb.com/?ctiid.342305", "name": "VDB-342305 | CTI Indicators (IOB, IOC, IOA)", "tags": ["signature", "permissions-required"]}, {"url": "https://vuldb.com/?submit.736063", "name": "Submit #736063 | Tenda AX1803 V1.0.0.1 Stack-based Buffer Overflow", "tags": ["third-party-advisory"]}, {"url": "https://vuldb.com/?submit.736064", "name": "Submit #736064 | Tenda AX1803 V1.0.0.1 Stack-based Buffer Overflow (Duplicate)", "tags": ["third-party-advisory"]}, {"url": "https://vuldb.com/?submit.736065", "name": "Submit #736065 | Tenda AX1803 V1.0.0.1 Stack-based Buffer Overflow (Duplicate)", "tags": ["third-party-advisory"]}, {"url": "https://vuldb.com/?submit.736066", "name": "Submit #736066 | Tenda AX1803 V1.0.0.1 Stack-based Buffer Overflow (Duplicate)", "tags": ["third-party-advisory"]}, {"url": "https://vuldb.com/?submit.736067", "name": "Submit #736067 | Tenda AX1803 V1.0.0.1 Stack-based Buffer Overflow (Duplicate)", "tags": ["third-party-advisory"]}, {"url": "https://river-brow-763.notion.site/Tenda-AX1803-Buffer-Overflow-in-fromGetWifiGusetBasic-2e3a595a7aef80a78225db34317daa40#2e3a595a7aef801ab517e4af5631227a", "tags": ["exploit"]}, {"url": "https://www.tenda.com.cn/", "tags": ["product"]}], "descriptions": [{"lang": "en", "value": "A flaw has been found in Tenda AX1803 1.0.0.1. The affected element is the function fromGetWifiGuestBasic of the file /goform/WifiGuestSet. Executing a manipulation of the argument guestWrlPwd/guestEn/guestSsid/hideSsid/guestSecurity can lead to stack-based buffer overflow. The attack may be launched remotely. The exploit has been published and may be used."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-121", "description": "Stack-based Buffer Overflow"}]}, {"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-119", "description": "Memory Corruption"}]}], "providerMetadata": {"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "shortName": "VulDB", "dateUpdated": "2026-02-23T08:53:35.403Z"}}}, "cveMetadata": {"cveId": "CVE-2026-1329", "state": "PUBLISHED", "dateUpdated": "2026-02-23T08:53:35.403Z", "dateReserved": "2026-01-22T07:51:42.763Z", "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "datePublished": "2026-01-22T14:32:18.996Z", "assignerShortName": "VulDB"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:tenda:ax1803_firmware:1.0.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "B81C53EE-14CD-426B-ADF3-6D9B4D69DC84", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:tenda:ax1803:-:*:*:*:*:*:*:*", "matchCriteriaId": "413B93A8-6188-4D89-8141-C5B73F4AA071", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "A flaw has been found in Tenda AX1803 1.0.0.1. The affected element is the function fromGetWifiGuestBasic of the file /goform/WifiGuestSet. Executing a manipulation of the argument guestWrlPwd/guestEn/guestSsid/hideSsid/guestSecurity can lead to stack-based buffer overflow. The attack may be launched remotely. The exploit has been published and may be used."}], "id": "CVE-2026-1329", "lastModified": "2026-02-03T13:59:25.113", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "COMPLETE", "baseScore": 9.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 8.0, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "cna@vuldb.com", "type": "Secondary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "cna@vuldb.com", "type": "Primary"}], "cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "availabilityRequirement": "NOT_DEFINED", "baseScore": 7.4, "baseSeverity": "HIGH", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "PROOF_OF_CONCEPT", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "LOW", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "cna@vuldb.com", "type": "Secondary"}]}, "published": "2026-01-22T15:16:54.757", "references": [{"source": "cna@vuldb.com", "tags": ["Exploit", "Third Party Advisory"], "url": "https://river-brow-763.notion.site/Tenda-AX1803-Buffer-Overflow-in-fromGetWifiGusetBasic-2e3a595a7aef80a78225db34317daa40#2e3a595a7aef801ab517e4af5631227a"}, {"source": "cna@vuldb.com", "tags": ["Permissions Required", "VDB Entry"], "url": "https://vuldb.com/?ctiid.342305"}, {"source": "cna@vuldb.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "https://vuldb.com/?id.342305"}, {"source": "cna@vuldb.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "https://vuldb.com/?submit.736063"}, {"source": "cna@vuldb.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "https://vuldb.com/?submit.736064"}, {"source": "cna@vuldb.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "https://vuldb.com/?submit.736065"}, {"source": "cna@vuldb.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "https://vuldb.com/?submit.736066"}, {"source": "cna@vuldb.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "https://vuldb.com/?submit.736067"}, {"source": "cna@vuldb.com", "tags": ["Product"], "url": "https://www.tenda.com.cn/"}], "sourceIdentifier": "cna@vuldb.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-119"}, {"lang": "en", "value": "CWE-121"}], "source": "cna@vuldb.com", "type": "Primary"}]}

{}

{"analysis": {"en": {"generated_at": "2026-04-18T15:25:29.878011+00:00", "value": {"mitigation_remediation": ["Upgrade the router firmware to the latest version that contains the stack\u2011overflow fix.", "If the guest Wi\u2011Fi function is not required, disable the guest network feature to remove the vulnerable endpoint.", "Restrict external access to the router\u2019s management interface by applying firewall rules or enabling VPN\u2011only access; ensure the device is not reachable from untrusted networks."], "summary": {"action": "Immediate patch", "impact": "Remote code execution"}, "threat_synthesis": {"affected_systems": "Tenda AX1803 routers running firmware version 1.0.0.1 are affected. No other firmware versions were identified in the CNA data.", "description_and_impact": "The flaw is a stack\u2011based buffer overflow triggered by manipulating the guest Wi\u2011Fi configuration parameters \u2013 guestWrlPwd, guestEn, guestSsid, hideSsid, and guestSecurity \u2013 in the fromGetWifiGuestBasic function of /goform/WifiGuestSet. Remote parties can supply overtly large or malformed values which overflow the stack, potentially allowing arbitrary code execution on the router\u2019s firmware. Based on the description, it is inferred that an attacker who can reach the router\u2019s web interface could exploit this flaw to execute code or cause a crash.", "risk_and_exploitability": "The CVSS score of 8.7 indicates high severity. The EPSS score of <1% shows a low historical exploitation probability, but the presence of a published exploit indicates that real\u2011world attacks are possible. The vulnerability can be exploited remotely by sending crafted requests to the device\u2019s Web interface, as indicated by the CVE description. It is not listed in the CISA KEV catalog. The flaw belongs to CWE\u2011119 and CWE\u2011121, classic stack\u2011based overflow weaknesses."}}}}, "created": "2026-01-23T16:32:39.125168+00:00", "updated": "2026-04-18T15:30:03.961966+00:00", "vendors": ["tenda", "tenda$PRODUCT$ax1803"]}