CVE-2026-10190

Sažetak

A vulnerability was found in Tenda W12 3.0.0.7(4763). This issue affects the function cgiSysWebTimeoutSet of the file /bin/httpd of the component Web Management Interface. The manipulation of the argument web_over_time results in denial of service. It is possible to launch the attack remotely. The exploit has been made public and could be used.

Reference

http://cdn2.v50to.cc/cgiSysWebTimeoutSet_dos.zip
https://vuldb.com/cve/CVE-2026-10190
https://vuldb.com/submit/820022
https://vuldb.com/vuln/367471
https://vuldb.com/vuln/367471/cti
https://www.tenda.com.cn/

CVSS

Base:	6.8
Impact:	6.9
Exploitability:	8.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	SINGLE

Impact

Povjerljivost	Cjelovitost	Dostupnost
NONE	NONE	COMPLETE

CVSS vektor

AV:N/AC:L/Au:S/C:N/I:N/A:C

Zadnje važnije ažuriranje

31-05-2026 - 16:16

Objavljeno

31-05-2026 - 16:16