Cyber Resilience

CVE-2026-2180

HighPublic PoC

Published: 08 February 2026

Published
08 February 2026
Modified
10 February 2026
KEV Added
Patch
CVSS Score v4 7.4 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
EPSS Score 0.0055 41.8th percentile
Risk Priority 55 floored blend · peak EPSS

Summary

CVE-2026-2180 is a high-severity Improper Restriction of Operations within the Bounds of a Memory Buffer (CWE-119) vulnerability in Tenda Rx3 Firmware. Its CVSS base score is 7.4 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked at the 41.8th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.

The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-16 (Memory Protection).

Deeper analysis

CVE-2026-2180 is a stack-based buffer overflow vulnerability in Tenda RX3 firmware version 16.03.13.11. The flaw affects an unknown function in the /goform/fast_setting_wifi_set file, triggered by manipulation of the ssid_5g argument. It is classified under CWE-119 (Improper Restriction of Operations within the Bounds of a Memory Buffer) and CWE-121 (Stack-based Buffer Overflow), with a CVSS v3.1 base score of 8.8 (AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H).

The vulnerability enables remote exploitation by attackers with low privileges, such as authenticated users, requiring low complexity and no user interaction. Successful attacks can result in high impacts to confidentiality, integrity, and availability, potentially leading to arbitrary code execution on the device. A public exploit is available, which may facilitate its use in the wild.

Advisories and additional details are provided by VulDB (ctiid.344883, id.344883, submit.749703) and a GitHub issue at LX-66-LX/cve-new/issues/4, along with the vendor site at tenda.com.cn. Security practitioners should review these references for any patch availability or mitigation guidance.

EU & UK References

Vulnerability details

A vulnerability was identified in Tenda RX3 16.03.13.11. Affected is an unknown function of the file /goform/fast_setting_wifi_set. Such manipulation of the argument ssid_5g leads to stack-based buffer overflow. The attack can be launched remotely. The exploit is publicly available and…

more

might be used.

CWE(s)

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

T1190 Exploit Public-Facing Application Initial Access
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
Why these techniques?

Stack-based buffer overflow in router web interface (/goform/fast_setting_wifi_set) allows remote authenticated attackers to achieve arbitrary code execution, directly enabling T1190: Exploit Public-Facing Application.

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

CVEs Like This One

CVE-2026-2187Same product: Tenda Rx3
CVE-2026-2186Same product: Tenda Rx3
CVE-2026-2185Same product: Tenda Rx3
CVE-2026-2181Same product: Tenda Rx3
CVE-2025-29357Same product: Tenda Rx3
CVE-2025-29362Same product: Tenda Rx3
CVE-2025-29363Same product: Tenda Rx3
CVE-2025-29359Same product: Tenda Rx3
CVE-2025-29360Same product: Tenda Rx3
CVE-2025-29358Same product: Tenda Rx3

Affected Assets

tenda
rx3 firmware
16.03.13.11

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

Directly prevents stack buffer overflows by enforcing input validation on parameters like ssid_5g at web endpoints such as /goform/fast_setting_wifi_set.

prevent

Mitigates exploitation of stack-based buffer overflows through memory protections like stack canaries and address space layout randomization.

prevent

Requires timely patching and remediation of the specific buffer overflow flaw in Tenda RX3 firmware version 16.03.13.11.

References