<0.1% probability · 14.3th percentile — 2026-05-11
Affected versions
Tenda CX12L 16.03.53.12
Summary
This is a remote stack-based buffer overflow vulnerability in Tenda CX12L consumer wireless routers. The flaw resides in the formSetPPTPServer function that handles PPTP server configuration. A remote attacker can trigger the overflow to execute arbitrary code with root privileges on the affected device.
Remediation
Check for the latest official firmware update from Tenda for the CX12L model and install available patches immediately. Disable the PPTP server functionality if it is not actively used, and restrict external access to the router's management interface to trusted IP addresses only.
Exploit info
This exploit has been publicly disclosed, with references to this issue documented in trusted public vulnerability databases. You may check Exploit-DB or GitHub for potential exploit details.
TopVuln sends digest emails with high-risk CVE picks across multiple authoritative sources—curated with EPSS and AI. Choose daily per-stream emails and optional weekly or monthly roundups.