CVE-2026-3970— Tenda i3 wifiSSIDget formwrlSSIDget stack-based overflow

CVSS 8.8 · High EPSS 0.09% · P26 Updated Mar 13, 2026

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2026-3970

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

Tenda i3 wifiSSIDget formwrlSSIDget stack-based overflow

Source: NVD (National Vulnerability Database)

Vulnerability Description

A flaw has been found in Tenda i3 1.0.0.6(2204). Affected is the function formwrlSSIDget of the file /goform/wifiSSIDget. Executing a manipulation of the argument index can lead to stack-based buffer overflow. The attack may be launched remotely. The exploit has been published and may be used.

Source: NVD (National Vulnerability Database)

CVSS Information

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Source: NVD (National Vulnerability Database)

Vulnerability Type

栈缓冲区溢出

Source: NVD (National Vulnerability Database)

Vulnerability Title

Tenda i3 安全漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Tenda i3是中国腾达（Tenda）公司的一个无线接入点设备。 Tenda i3 1.0.0.6(2204)版本存在安全漏洞，该漏洞源于对文件/goform/wifiSSIDget中参数index的错误操作，可能导致栈缓冲区溢出。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
Tenda	i3	1.0.0.6(2204)	`cpe:2.3:o:tenda:i3_firmware::::::::`

II. Public POCs for CVE-2026-3970

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2026-3970

请登录查看更多情报信息。

Same Patch Batch · Tenda · 2026-03-12 · 12 CVEs total

CVE-2026-4043	8.8 HIGH	Tenda i12 wifiSSIDget formwrlSSIDget stack-based overflow
CVE-2026-4042	8.8 HIGH	Tenda i12 WifiMacFilterGet formWifiMacFilterGet stack-based overflow
CVE-2026-4041	8.8 HIGH	Tenda i12 exeCommand vos_strcpy stack-based overflow
CVE-2026-4008	8.8 HIGH	Tenda W3 POST Parameter wifiSSIDset stack-based overflow
CVE-2026-4007	8.8 HIGH	Tenda W3 POST Parameter wifiSSIDget stack-based overflow
CVE-2026-3976	8.8 HIGH	Tenda W3 POST Parameter WifiMacFilterSet formWifiMacFilterSet stack-based overflow
CVE-2026-3975	8.8 HIGH	Tenda W3 POST Parameter WifiMacFilterGet formWifiMacFilterGet stack-based overflow
CVE-2026-3974	8.8 HIGH	Tenda W3 HTTP exeCommand formexeCommand stack-based overflow
CVE-2026-3973	8.8 HIGH	Tenda W3 POST Parameter setAutoPing formSetAutoPing stack-based overflow
CVE-2026-3972	8.8 HIGH	Tenda W3 HTTP setcfm formSetCfm stack-based overflow
CVE-2026-3971	8.8 HIGH	Tenda i3 wifiSSIDset formwrlSSIDset stack-based overflow

IV. Related Vulnerabilities

Same product: i3

Same vendor: Tenda

Same weakness: CWE-121

V. Comments for CVE-2026-3970

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2026-3970— Tenda i3 wifiSSIDget formwrlSSIDget stack-based overflow

I. Basic Information for CVE-2026-3970

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2026-3970

III. Intelligence Information for CVE-2026-3970

Same Patch Batch · Tenda · 2026-03-12 · 12 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2026-3970

Leave a comment