CVE-2026-15695

Tenda · BE12 Pro

A stack-based buffer overflow vulnerability exists in the Tenda BE12 Pro router, which may allow an authenticated attacker to trigger memory corruption.

Executive summary

A memory corruption vulnerability in the Tenda BE12 Pro router allows authenticated attackers to potentially execute arbitrary code or cause a denial of service.

Vulnerability

The flaw is identified as a stack-based buffer overflow and general memory corruption. According to the CVSS vector, this attack requires the attacker to have low-level privileges (authenticated), meaning the impact is localized to users who have already gained access to the management interface.

Business impact

With a CVSS score of 8.8, this vulnerability represents a high risk to network infrastructure. If exploited, an attacker could compromise the router's operating system, leading to full network traffic interception, unauthorized configuration changes, or a complete loss of service for the network relying on this hardware.

Remediation

Immediate Action: Check the Tenda support website or the provided VulDB advisory for firmware updates and apply them to all affected BE12 Pro devices.

Proactive Monitoring: Review router management logs for suspicious login activity or unusual administrative commands that could indicate an attempt to trigger the overflow.

Compensating Controls: Restrict access to the router's management interface to a dedicated, isolated management VLAN and disable remote management features to prevent unauthorized access.

Exploitation status

Public Exploit Available: No

Analyst recommendation

Although the vulnerability requires authentication, the potential for total system compromise necessitates prompt attention. Administrators should verify the current firmware version and coordinate a maintenance window to apply the necessary security updates to maintain the integrity of the network perimeter.