Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
7.4
CVE-2026-10192: Tenda W12 Firmware Allows Remote Time Manipulation Attack
CVE-2026-10192
Summary
A security flaw in Tenda W12 firmware version 3.0.0.7 allows hackers to manipulate the device's time remotely. This could potentially be used to gain unauthorized access to the device. We recommend updating to the latest firmware version to fix this issue.
Original title
A vulnerability was identified in Tenda W12 3.0.0.7(4763). The affected element is the function set_local_time_0 of the file /bin/httpd. Such manipulation of the argument Time leads to stack-based ...
Original description
A vulnerability was identified in Tenda W12 3.0.0.7(4763). The affected element is the function set_local_time_0 of the file /bin/httpd. Such manipulation of the argument Time leads to stack-based buffer overflow. The attack can be launched remotely. The exploit is publicly available and might be used.
nvd CVSS2.0
9.0
nvd CVSS3.1
8.8
nvd CVSS4.0
7.4
Vulnerability type
CWE-119
Buffer Overflow
CWE-121
Stack-based Buffer Overflow
Published: 31 May 2026 · Updated: 31 May 2026 · First seen: 31 May 2026