NVD HIGH: CVE-2026-9430 — A vulnerability was determined in Tenda F1202 1.2.0.20(408). Affected by this is...

Monday, May 25, 2026 at 07:16 AM UTC·Source: NIST NVD

Updated: Saturday, May 30, 2026 at 06:00 AM UTC

Executive Summary

A vulnerability was determined in Tenda F1202 1.2.0.20(408). Affected by this issue is the function formGstDhcpSetSer of the file /goform/GstDhcpSetSerof. Executing a manipulation of the argument dips can lead to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been publicly disclosed and may be utilized.

Analysis

Indicators of Compromise (2)

CVE (1)

CVE-2026-9430

NVD MITRE CVE

IPv4 (1)

1.2.0.20

VirusTotal Shodan AbuseIPDB

Source Attribution

Originally published by NIST NVD on May 25, 2026. Verified by: NIST.

Related Threats

MEDIUMVulnerability

Palo Alto GlobalProtect VPN auth bypass flaw now exploited in attacks

Palo Alto Networks is warning that hackers are now exploiting a PAN-OS GlobalProtect authentication bypass flaw, tracked as CVE-2026-0257, in attacks attempting to breach corporate networks. [...]

CVE-2026-0257

5h agoBleepingComputer

CRITICALVulnerabilityPOC

Exploit Code Published for Critical Flowise RCE Vulnerability

The one-click vulnerability allows attackers to execute arbitrary code on self-hosted Flowise servers by tricking users into importing a malicious chatflow. The post Exploit Code Published for Critical Flowise RCE Vulnerability appeared first on SecurityWeek .

CVE-2026-40933

7h agoSecurityWeek

LOWVulnerability

New CIFSwitch Linux flaw gives root on multiple distributions

A newly discovered local privilege escalation vulnerability dubbed 'CIFSwitch' in the Linux kernel could allow attackers to forge CIFS authentication key descriptions, abuse the kernel's key request mechanism, and gain root privileges. [...]

9h agoBleepingComputer