Dismissed
Permalink
CVE-2026-4041
8.8 HIGH
- CVSS version: 3.1
- Attack vector (AV):
- Attack complexity (AC):
- Privileges required (PR):
- User interaction (UI):
- Scope (S):
- Confidentiality impact (C):
- Integrity impact (I):
- Availability impact (A):
by @LeSuisse Activity log
- Created automatic suggestion
-
@LeSuisse
removed
3 packages
- xf86videoi128
- xf86-video-i128
- vscode-extensions.tomoki1207.pdf
- @LeSuisse dismissed
Tenda i12 exeCommand vos_strcpy stack-based overflow
A security flaw has been discovered in Tenda i12 1.0.0.6(2204). Impacted is the function vos_strcpy of the file /goform/exeCommand. The manipulation of the argument cmdinput results in stack-based buffer overflow. The attack can be launched remotely. The exploit has been released to the public and may be used for attacks.
References
- VDB-350653 | Tenda i12 exeCommand vos_strcpy stack-based overflow vdb-entry technical-description
- VDB-350653 | CTI Indicators (IOB, IOC, IOA) signature permissions-required
- Submit #769462 | Tenda i12 V1.0.0.6(2204) Buffer Overflow third-party-advisory
- https://github.com/Jimi-Lab/cve/issues/1 issue-tracking exploit
- https://www.tenda.com.cn/ product
Affected products
i12
- ==1.0.0.6(2204)
Ignored packages (3)
pkgs.xf86videoi128
Number Nine I128 video driver for the Xorg X server
-
nixos-unstable i128-1.4.1
- nixpkgs-unstable i128-1.4.1
- nixos-unstable-small i128-1.4.1
pkgs.xf86-video-i128
Number Nine I128 video driver for the Xorg X server
-
nixos-unstable i128-1.4.1
- nixpkgs-unstable i128-1.4.1
- nixos-unstable-small i128-1.4.1
pkgs.vscode-extensions.tomoki1207.pdf
Show PDF preview in VSCode
-
nixos-unstable tomoki1207-pdf-1.2.2
- nixpkgs-unstable tomoki1207-pdf-1.2.2
- nixos-unstable-small tomoki1207-pdf-1.2.2
-
nixos-25.11 tomoki1207-pdf-1.2.2
- nixos-25.11-small tomoki1207-pdf-1.2.2
- nixpkgs-25.11-darwin tomoki1207-pdf-1.2.2