CVE-2026-3810 – A stack-based buffer overflow vulnerability in ... (How to Fix)

Q: What is the severity of CVE-2026-3810?

CVE-2026-3810 has a CVSS score of 8.8 (HIGH). A stack-based buffer overflow vulnerability in Tenda FH1202 routers allows remote attackers to execute arbitrary code by manipulating the 'page' parameter in the DHCP client list function. This affects Tenda FH1202 routers running firmware version 1.2.0.14(408). Remote exploitation is possible without authentication.

📋 TL;DR

A stack-based buffer overflow vulnerability in Tenda FH1202 routers allows remote attackers to execute arbitrary code by manipulating the 'page' parameter in the DHCP client list function. This affects Tenda FH1202 routers running firmware version 1.2.0.14(408). Remote exploitation is possible without authentication.

💻 Affected Systems

Products:

Tenda FH1202

Versions: 1.2.0.14(408)

Operating Systems: Embedded router firmware

Default Config Vulnerable: ⚠️ Yes

Notes: Only affects this specific firmware version. The vulnerable endpoint is accessible via web interface.

📦 What is this software?

Fh1202 Firmware by Tenda

View all CVEs affecting Fh1202 Firmware →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Remote code execution leading to complete device compromise, network infiltration, and potential lateral movement to other systems.

🟠

Likely Case

Remote code execution allowing attackers to install malware, create backdoors, or use the device as part of a botnet.

🟢

If Mitigated

Denial of service or device crash if exploit fails to achieve code execution.

🌐 Internet-Facing: HIGH - The vulnerability is remotely exploitable and public exploit code exists.

🏢 Internal Only: MEDIUM - Still exploitable from internal networks but requires network access.

🎯 Exploit Status

Public PoC: ⚠️ Yes

Weaponized: LIKELY

Unauthenticated Exploit: ⚠️ Yes

Complexity: LOW

Public exploit code available on GitHub. No authentication required for exploitation.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: https://www.tenda.com.cn/

Restart Required: Yes

Instructions:

1. Check Tenda website for firmware updates. 2. Download latest firmware. 3. Access router admin interface. 4. Navigate to firmware upgrade section. 5. Upload and install new firmware. 6. Reboot router.

🔧 Temporary Workarounds

Disable remote management

all

Prevent external access to router web interface

Network segmentation

all

Isolate affected routers from critical networks

🧯 If You Can't Patch

Replace affected routers with different models or brands
Implement strict network access controls to limit exposure

🔍 How to Verify

Check if Vulnerable:

Check router firmware version in admin interface. If version is 1.2.0.14(408), device is vulnerable.

Check Version:

Check via router web interface or SSH if enabled: cat /proc/version or similar router-specific commands

Verify Fix Applied:

Verify firmware version has changed from 1.2.0.14(408) to a newer version.

📡 Detection & Monitoring

Log Indicators:

Unusual POST requests to /goform/DhcpListClient
Router crash/reboot logs
Unusual outbound connections from router

Network Indicators:

Exploit traffic patterns to router web interface
Unusual payloads in HTTP requests

SIEM Query:

source="router_logs" AND (uri="/goform/DhcpListClient" OR message="buffer overflow" OR message="segmentation fault")

📊 Metadata

CVE ID: CVE-2026-3810

CVSS v3 Score: 8.8 (HIGH)

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE: CWE-119

Published: March 9, 2026

Last Updated: March 9, 2026

🔗 References

https://github.com/Svigo-o/Tenda_vul/tree/main/tenda-fh1202-dhcplistclient-page-buffer-overflow Exploit,Third Party Advisory
https://vuldb.com/?ctiid.349776 Permissions Required,VDB Entry
https://vuldb.com/?id.349776 Third Party Advisory,VDB Entry
https://vuldb.com/?submit.769040 Third Party Advisory,VDB Entry
https://www.tenda.com.cn/ Product

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2026-3810, you might also want to check these: