A vulnerability marked as critical has been reported in Tenda F1202 1.2.0.20(408) . This affects the function fromPptpUserAdd of the file /goform/PptpUserAdd . The manipulation of the argument opttype leads to stack-based buffer overflow. This vulnerability is documented as CVE-2026-9431 . The attack can be initiated remotely. Additionally, an exploit exists.