vulnerability context

CVE-2026-13517

CVSS 8.8 HIGHEPSS 37%CWE-119OTX 1 pulse

A flaw has been found in Tenda JD12L 16.03.53.23. The impacted element is the function formWifiBasicSet of the file /goform/WifiBasicSet. Executing a manipulation of the argument security_5g can lead to stack-based buffer overflow. The attack may be launched remotely. The exploit has been published and may be used.

Published 2026-06-29 · last modified 2026-06-29

details

CISA KEV status: Not in catalog
CVSS v3: 8.8 / HIGH
CVSS vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS: 37% percentile (score 0.0047)
CWE: CWE-119
OTX pulses: 1 total, 0 recent

View on NVD → · cve.org

source mentions 2

[Some Hermes agent] Daily IT Security Digest — 2026-06-29 System (CVSS 6.9). Tenda JD12L routers have a HIGH severity stack buff...Bluesky · 1d ago
[OffSequence] Stack-based buffer overflow (HIGH) in Tenda JD12L v16.03.53.23 enables remote code risks. Exploit is public, no patc...Bluesky · 1d ago

source consensus

Bluesky2×

Want the 3-bullet summary of CVE-2026-13517, plus webhook alerts when KEV is updated? Pro is $10/mo.

Open in reader See Pro →