CVE-2026-15695
Tenda · BE12 Pro
A stack-based buffer overflow vulnerability exists in the Tenda BE12 Pro router, which may allow an authenticated attacker to trigger memory corruption.
Executive summary
A memory corruption vulnerability in the Tenda BE12 Pro router allows authenticated attackers to potentially execute arbitrary code or cause a denial of service.
Vulnerability
The flaw is identified as a stack-based buffer overflow and general memory corruption. According to the CVSS vector, this attack requires the attacker to have low-level privileges (authenticated), meaning the impact is localized to users who have already gained access to the management interface.
Business impact
With a CVSS score of 8.8, this vulnerability represents a high risk to network infrastructure. If exploited, an attacker could compromise the router's operating system, leading to full network traffic interception, unauthorized configuration changes, or a complete loss of service for the network relying on this hardware.
Remediation
Immediate Action: Check the Tenda support website or the provided VulDB advisory for firmware updates and apply them to all affected BE12 Pro devices.
Proactive Monitoring: Review router management logs for suspicious login activity or unusual administrative commands that could indicate an attempt to trigger the overflow.
Compensating Controls: Restrict access to the router's management interface to a dedicated, isolated management VLAN and disable remote management features to prevent unauthorized access.
Exploitation status
Public Exploit Available: No
Analyst recommendation
Although the vulnerability requires authentication, the potential for total system compromise necessitates prompt attention. Administrators should verify the current firmware version and coordinate a maintenance window to apply the necessary security updates to maintain the integrity of the network perimeter.