CVE-2026-11523 | Tenda W20E 15.11.0.6 Web Management Interface /goform/PortalAuth formPortalAuth gotoUrl stack-based overflow

A vulnerability was found in Tenda W20E 15.11.0.6 and classified as critical. This issue affects the function formPortalAuth of the file /goform/PortalAuth of the component Web Management Interface. Executing a manipulation of the argument gotoUrl can lead to stack-based buffer overflow.

This vulnerability is tracked as CVE-2026-11523. The attack can be launched remotely. Moreover, an exploit is present.VulDB Recent EntriesRead More