CVE 8.7 HIGH

Tenda TX3 SetIpMacBind buffer overflow_CVE-2026-2137

February 8, 2026 invoker category_cve

8.7 / 10

HIGH

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P

Description

A vulnerability has been found in Tenda TX3 up to 16.03.13.11_multi. This impacts an unknown function of the file /goform/SetIpMacBind. The manipulation of the argument list leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.

AI Analysis

Buffer overflow vulnerability in Tenda TX3 up to 16.03.13.11_multi via the SetIpMacBind function, allowing remote attackers to exploit the issue.

Basic Information

ID CVE-2026-2137

Source VulDB

Published Feb 8, 2026 at 05:32

Affected Product

Vendor Tenda

Product TX3

Version 16.03.13.11_multi

Affected Versions Tenda TX3 16.03.13.11_multi

CWE Classification

CWE-120 CWE-119

AI Assessment

AI Score 8.7 / 10

AI Severity High

Vendor Tenda

Product TX3

Version 16.03.13.11_multi

References

{
    "lastseen": "",
    "description": "A vulnerability has been found in Tenda TX3 up to 16.03.13.11_multi. This impacts an unknown function of the file /goform/SetIpMacBind. The manipulation of the argument list leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.",
    "published": "2026-02-08T05:32:08.216Z",
    "modified": "2026-02-08T05:32:08.216Z",
    "type": "cve",
    "title": "Tenda TX3 SetIpMacBind buffer overflow",
    "source": "VulDB",
    "references": "https://vuldb.com/?id.344772\nhttps://vuldb.com/?ctiid.344772\nhttps://vuldb.com/?submit.747239\nhttps://github.com/MRAdera/IoT-Vuls/blob/main/tenda/tx3/fromSetIpMacBind.md\nhttps://github.com/MRAdera/IoT-Vuls/blob/main/tenda/tx3/fromSetIpMacBind.md#poc\nhttps://www.tenda.com.cn/",
    "id": "CVE-2026-2137",
    "bulletinFamily": "",
    "cwe": [
        "CWE-120",
        "CWE-119"
    ],
    "cvelist": null,
    "sourceData": "Tenda TX3 16.03.13.11_multi",
    "sourceHref": "",
    "cvss": {
        "score": 8.7,
        "severity": "HIGH",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "TX3",
    "version": "16.03.13.11_multi",
    "vendor": "Tenda",
    "ai_description": "Buffer overflow vulnerability in Tenda TX3 up to 16.03.13.11_multi via the SetIpMacBind function, allowing remote attackers to exploit the issue.",
    "ai_severity": "High",
    "ai_vendor": "Tenda",
    "ai_product": "TX3",
    "ai_version": "16.03.13.11_multi",
    "ai_score": 8.7
}

💭 Join the Security Discussion ❌ Cancel Reply