CVE-2026-11503 PUBLISHED

A security vulnerability has been detected in Tenda CX12L 16.03.53.12. The affected element is the function form_fast_setting_wifi_set of the file /goform/fast_setting_wifi_set of the component Wi-Fi Configuration Endpoint. Such manipulation of the argument ssid leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed publicly and may be used.

• moist (VulDB User) reporter

• VDB-369123 | Tenda CX12L Wi-Fi Configuration Endpoint fast_setting_wifi_set form_fast_setting_wifi_set stack-based overflow
• VDB-369123 | CTI Indicators (IOB, IOC, IOA)
• CVE-2026-11503 | CVE Analysis and Report
• Submit #835648 | Tenda CX12L V16.03.53.12 Stack-based Buffer Overflow
• https://github.com/cve-a/moist/issues/1
• https://www.tenda.com.cn/

• Stack-based Buffer Overflow CWE
• Memory Corruption CWE