All intelligence
// vulnerability record
cached · NVD via COSMOS syncCVE-2026-13515
HIGHpublished 2026-06-29 00:16 UTC · 17 hours ago
7.4
CVSS / 10
// description
A security vulnerability has been detected in Tenda JD12L 16.03.53.23. Impacted is the function formSetPPTPServer of the file /goform/SetPptpServerCfg. Such manipulation of the argument startIp leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed publicly and may be used.
// weaknesses (CWE)
- CWE-119
- CWE-121