A vulnerability categorized as critical has been discovered in Tenda F1202 1.2.0.20(408) . Affected is the function fromPPTPUserSetting of the file /goform/PPTPUserSetting . Such manipulation of the argument delno leads to stack-based buffer overflow. This vulnerability is listed as CVE-2026-9428 . The attack may be performed from remote. In addition, an exploit is available.