A vulnerability was determined in Tenda W3 1.0.0.3(2204). This affects the function formSetAutoPing of the file /goform/setAutoPing of the component POST Parameter Handler. This manipulation of the argument ping1/ping2 causes stack-based buffer overflow. The attack is possible to be carried out remotely. The exploit has been publicly disclosed and may be utilized.
Published: 2026-03-12
CVSS: 9.0
CVSS Vector: AV:N/AC:L/Au:S/C:C/I:C/A:C
Download Exploit for CVE-2026-3973 here:
Use Tor Browser to access .onion site.
https://sonitex.com/exploit-475-cve-2019-25506/
https://sonitex.com/exploit-50-cve-2026-2848/