Cyber Posture

CVE-2026-2186

HighPublic PoC

Published: 08 February 2026

Published
08 February 2026
Modified
10 February 2026
KEV Added
Patch
CVSS Score 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS Score 0.0003 10.5th percentile
Risk Priority 18 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2026-2186 is a high-severity Improper Restriction of Operations within the Bounds of a Memory Buffer (CWE-119) vulnerability in Tenda Rx3 Firmware. Its CVSS base score is 8.8 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked at the 10.5th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.

The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-16 (Memory Protection).

Threat & Defense at a Glance

What attackers do: exploitation maps to Exploit Public-Facing Application (T1190). What defenders deploy: see the NIST 800-53 controls recommended below.
Threat & Defense Details

Mitigating Controls (NIST 800-53 r5)AI

SI-2 Flaw Remediation good match
prevent

SI-2 requires timely identification, reporting, and correction of system flaws like this stack-based buffer overflow, directly eliminating the vulnerability through patching.

SI-10 Information Input Validation good match
prevent

SI-10 mandates validation of information inputs such as the argument list to /goform/SetIpMacBind, preventing the buffer overflow manipulation.

SI-16 Memory Protection good match
prevent

SI-16 implements memory protections like stack canaries or DEP to block unauthorized code execution from stack-based buffer overflows.

MITRE ATT&CK Enterprise TechniquesAI

T1190 Exploit Public-Facing Application Initial Access
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
attack.mitre.org →
Why these techniques?

Stack buffer overflow in router web form handler directly enables remote exploitation of a network-exposed device for RCE (T1190).

Confidence: HIGH · MITRE ATT&CK Enterprise v18.1

NVD Description

A vulnerability has been found in Tenda RX3 16.03.13.11. Impacted is the function fromSetIpMacBind of the file /goform/SetIpMacBind. Such manipulation of the argument list leads to stack-based buffer overflow. The attack may be performed from remote. The exploit has been…

more

disclosed to the public and may be used.

Deeper analysisAI

CVE-2026-2186 is a stack-based buffer overflow vulnerability (CWE-119, CWE-121) in Tenda RX3 router firmware version 16.03.13.11. The flaw affects the fromSetIpMacBind function in the /goform/SetIpMacBind file, where manipulation of the argument list triggers the overflow. Published on 2026-02-08, it carries a CVSS v3.1 base score of 8.8 (AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H).

The vulnerability enables remote exploitation by attackers possessing low privileges, such as authenticated users on the network. With low attack complexity and no need for user interaction, exploitation can result in high impacts to confidentiality, integrity, and availability, potentially leading to remote code execution on the affected device.

Advisories referenced in VulDB entries (ctiid.344889, id.344889, submit.749718) and a GitHub issue (LX-66-LX/cve-new/issues/7) detail the vulnerability, confirming public disclosure of an exploit that may be used. The Tenda vendor site (tenda.com.cn) is listed among references, though specific mitigation or patch guidance is not outlined in the disclosure.

Details

CWE(s)
CWE-119CWE-121

Affected Products

tenda
rx3 firmware
16.03.13.11

CVEs Like This One

CVE-2026-2180Same product: Tenda Rx3
CVE-2026-2185Same product: Tenda Rx3
CVE-2026-2187Same product: Tenda Rx3
CVE-2026-2181Same product: Tenda Rx3
CVE-2025-29357Same product: Tenda Rx3
CVE-2025-29363Same product: Tenda Rx3
CVE-2025-29362Same product: Tenda Rx3
CVE-2025-29361Same product: Tenda Rx3
CVE-2025-29359Same product: Tenda Rx3
CVE-2025-29360Same product: Tenda Rx3

References