CVE-2026-3970

CWE-119Buffer OverflowCWE-121Stack-based Buffer OverflowCWE-787Out-of-bounds Write3 documents3 sources
Severity
7.4HIGH
EPSS
0.1%
top 74.24%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Tenda I3Tenda I3 Firmware
Timeline
PublishedMar 12

Description

A flaw has been found in Tenda i3 1.0.0.6(2204). Affected is the function formwrlSSIDget of the file /goform/wifiSSIDget. Executing a manipulation of the argument index can lead to stack-based buffer overflow. The attack may be launched remotely. The exploit has been published and may be used.

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Affected Packages2 packages

CVEListV5tenda/i31.0.0.6(2204)
NVDtenda/i3_firmware1.0.0.6\(2204\)

🔴Vulnerability Details

2
GHSA
GHSA-84xh-4ccm-v989: A flaw has been found in Tenda i3 12026-03-12
CVEList
Tenda i3 wifiSSIDget formwrlSSIDget stack-based overflow2026-03-12