CVE-2026-11504

🗓️ 08 Jun 2026 10:00:13Reported by VulDBType

cve🔗 web.nvd.nist.gov👁 19 Views🌐 WEB

2026-11504 vulnerability in Tenda CX12L allows remote stack overflow in openSchedWifi setSchedWifi.

Reporter	Title	Published	Views	Family All 9
ATTACKERKB	CVE-2026-11504	8 Jun 202610:00	–	attackerkb
Circl	CVE-2026-11504	8 Jun 202613:15	–	circl
CNNVD	Tenda CX12L 缓冲区错误漏洞	8 Jun 202600:00	–	cnnvd
Cvelist	CVE-2026-11504 Tenda CX12L Wi-Fi Schedule Configuration Endpoint openSchedWifi setSchedWifi stack-based overflow	8 Jun 202610:00	–	cvelist
EUVD	EUVD-2026-35039	8 Jun 202610:00	–	euvd
NVD	CVE-2026-11504	8 Jun 202612:16	–	nvd
Positive Technologies	PT-2026-47267	8 Jun 202600:00	–	ptsecurity
RedhatCVE	CVE-2026-11504	9 Jun 202614:59	–	redhatcve
Vulnrichment	CVE-2026-11504 Tenda CX12L Wi-Fi Schedule Configuration Endpoint openSchedWifi setSchedWifi stack-based overflow	8 Jun 202610:00	–	vulnrichment

Vulners

Node

tenda cx12lMatch16.03.53.12

[
  {
    "vendor": "Tenda",
    "product": "CX12L",
    "versions": [
      {
        "version": "16.03.53.12",
        "status": "affected"
      }
    ],
    "cpes": [
      "cpe:2.3:o:tenda:cx12l_firmware:*:*:*:*:*:*:*:*"
    ],
    "modules": [
      "Wi-Fi Schedule Configuration Endpoint"
    ]
  }
]

Source	Link
vuldb	www.vuldb.com/vuln/369124
vuldb	www.vuldb.com/vuln/369124/cti
github	www.github.com/cve-a/moist/issues/2
vuldb	www.vuldb.com/submit/835649
tenda	www.tenda.com.cn/
vuldb	www.vuldb.com/cve/CVE-2026-11504

Parameter	Position	Path	Description	CWE
schedStartTime	request body	/goform/openSchedWifi	Stack-based buffer overflow in schedStartTime/schedEndTime handling via /goform/openSchedWifi	CWE-119, CWE-121
schedEndTime	request body	/goform/openSchedWifi	Stack-based buffer overflow in schedStartTime/schedEndTime handling via /goform/openSchedWifi	CWE-119, CWE-121

17 Jun 2026 10:14Current

8.4High risk

Vulners AI Score8.4

CVSS 48.7

CVSS 3.18.8

CVSS 29

CVSS 38.8

EPSS0.00466

SSVC