Tenda FH1201 Stack-Based Buffer Overflow Vulnerability (CVE-2026-5046)
A stack-based buffer overflow vulnerability (CVE-2026-5046) in Tenda FH1201 version 1.2.0.14(408) allows remote attackers to execute arbitrary code by manipulating the GO argument in the formWrlExtraSet function of the /goform/WrlExtraSet component.
CVE-2026-5046 is a stack-based buffer overflow vulnerability affecting Tenda FH1201 routers running firmware version 1.2.0.14(408). The vulnerability resides within the formWrlExtraSet function of the /goform/WrlExtraSet component, specifically in the handling of the GO argument. A remote attacker can exploit this flaw by sending a crafted HTTP request with a maliciously oversized GO parameter, overwriting the stack and potentially gaining arbitrary code execution on the device. The…
Detection coverage 2
Detect Suspiciously Long GO Parameter in Tenda FH1201 Request
highDetects HTTP POST requests to /goform/WrlExtraSet with a GO parameter exceeding a reasonable length, indicating a potential buffer overflow attempt.
Detect Tenda FH1201 formWrlExtraSet Access from Unusual IP
mediumDetects access to the formWrlExtraSet endpoint from IP addresses not commonly associated with router administration, potentially indicating unauthorized access or exploitation attempts.
Detection queries are kept inside the platform. Get full rules →
Indicators of compromise
1