CVE-2026-36821 | Tenda W20E 15.11.0.6 HTTP formCropAndSetWewifiPic picCropName buffer overflow

A vulnerability marked as critical has been reported in Tenda W20E 15.11.0.6. The impacted element is the function formCropAndSetWewifiPic of the component HTTP Handler. Performing a manipulation of the argument picCropName results in buffer overflow.

This vulnerability is cataloged as CVE-2026-36821. It is possible to initiate the attack remotely. There is no exploit available.VulDB Recent EntriesRead More