CVE-2026-2139 PUBLISHED

A vulnerability was determined in Tenda TX9 up to 22.03.02.10_multi. Affected by this vulnerability is the function sub_432580 of the file /goform/fast_setting_wifi_set. This manipulation of the argument ssid causes buffer overflow. The attack may be initiated remotely. The exploit has been publicly disclosed and may be utilized.

• kdb3169 (VulDB User) reporter

• VDB-344774 | Tenda TX9 fast_setting_wifi_set sub_432580 buffer overflow
• VDB-344774 | CTI Indicators (IOB, IOC, IOA)
• Submit #747250 | Tenda TX9 V22.03.02.10_multi Buffer Overflow
• https://github.com/MRAdera/IoT-Vuls/blob/main/tenda/tx9%20pro/fast_setting_wifi_set.md
• https://github.com/MRAdera/IoT-Vuls/blob/main/tenda/tx9%20pro/fast_setting_wifi_set.md#poc
• https://www.tenda.com.cn/

• Buffer Overflow CWE
• Memory Corruption CWE