Tenda I3 vulnerabilities

CVE-2026-5841 [MEDIUM] CWE-22 CVE-2026-5841: A weakness has been identified in Tenda i3 1.0.0.6(2204). The affected element is the function R7Web A weakness has been identified in Tenda i3 1.0.0.6(2204). The affected element is the function R7WebsSecurityHandler of the component HTTP Handler. Executing a manipulation can lead to path traversal. The attack can be executed remotely. The exploit has been made available to the public and could be used for attacks.

CVE-2026-3970 [HIGH] CWE-119 CVE-2026-3970: A flaw has been found in Tenda i3 1.0.0.6(2204). Affected is the function formwrlSSIDget of the file A flaw has been found in Tenda i3 1.0.0.6(2204). Affected is the function formwrlSSIDget of the file /goform/wifiSSIDget. Executing a manipulation of the argument index can lead to stack-based buffer overflow. The attack may be launched remotely. The exploit has been published and may be used.

CVE-2026-3971 [HIGH] CWE-119 CVE-2026-3971: A vulnerability has been found in Tenda i3 1.0.0.6(2204). Affected by this vulnerability is the func A vulnerability has been found in Tenda i3 1.0.0.6(2204). Affected by this vulnerability is the function formwrlSSIDset of the file /goform/wifiSSIDset. The manipulation of the argument index/GO leads to stack-based buffer overflow. Remote exploitation of the attack is possible. The exploit has been disclosed to the public and may be used.

CVE-2026-3803 [HIGH] CWE-119 CVE-2026-3803: A vulnerability was identified in Tenda i3 1.0.0.6(2204). This affects the function formWifiMacFilte A vulnerability was identified in Tenda i3 1.0.0.6(2204). This affects the function formWifiMacFilterGet of the file /goform/WifiMacFilterGet. The manipulation of the argument index leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit is publicly available and might be used.

CVE-2026-3804 [HIGH] CWE-119 CVE-2026-3804: A security flaw has been discovered in Tenda i3 1.0.0.6(2204). This vulnerability affects the functi A security flaw has been discovered in Tenda i3 1.0.0.6(2204). This vulnerability affects the function formWifiMacFilterSet of the file /goform/WifiMacFilterSet. The manipulation of the argument index results in stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been released to the public and may be used for atta

CVE-2026-3801 [HIGH] CWE-119 CVE-2026-3801: A vulnerability was found in Tenda i3 1.0.0.6(2204). Affected by this vulnerability is the function A vulnerability was found in Tenda i3 1.0.0.6(2204). Affected by this vulnerability is the function formSetAutoPing of the file /goform/setAutoPing. Performing a manipulation of the argument ping1/ping2 results in stack-based buffer overflow. The attack is possible to be carried out remotely. The exploit has been made public and could be used.

CVE-2026-3799 [HIGH] CWE-119 CVE-2026-3799: A flaw has been found in Tenda i3 1.0.0.6(2204). This impacts the function formSetCfm of the file /g A flaw has been found in Tenda i3 1.0.0.6(2204). This impacts the function formSetCfm of the file /goform/setcfm. This manipulation of the argument funcpara1 causes stack-based buffer overflow. Remote exploitation of the attack is possible. The exploit has been published and may be used.

CVE-2026-3802 [HIGH] CWE-119 CVE-2026-3802: A vulnerability was determined in Tenda i3 1.0.0.6(2204). Affected by this issue is the function for A vulnerability was determined in Tenda i3 1.0.0.6(2204). Affected by this issue is the function formexeCommand of the file /goform/exeCommand. Executing a manipulation of the argument cmdinput can lead to stack-based buffer overflow. The attack may be performed from remote. The exploit has been publicly disclosed and may be utilized.