CVE-2026-5567: Tenda M3 Buffer Overflow - Remote RCE
Plattform
linux
Komponente
tenda
CVE-2026-5567 describes a buffer overflow vulnerability discovered in the Tenda M3 router, specifically within the Destination Handler component's setAdvPolicyData function. Successful exploitation allows a remote attacker to potentially execute arbitrary code on the affected device, leading to a compromise of the router's functionality and data. This vulnerability impacts Tenda M3 devices running versions 1.0.0 through 1.0.0.10. An exploit for this vulnerability has been published, increasing the risk of exploitation.
So beheben
Kein offizieller Patch verfügbar. Prüfe auf Workarounds oder überwache auf Updates.
Häufig gestellte Fragen
What is CVE-2026-5567?
CVE-2026-5567 is a buffer overflow vulnerability in the Tenda M3 router's Destination Handler. It allows remote attackers to potentially execute code by manipulating the policyType argument within the /goform/setAdvPolicyData function.
Am I affected by CVE-2026-5567?
You are potentially affected if you are using a Tenda M3 router running version 1.0.0 through 1.0.0.10. The vulnerability is remotely exploitable, meaning an attacker doesn't need physical access to the device.
How can I fix or mitigate CVE-2026-5567?
Currently, no official patch is available from Tenda. Mitigation strategies include isolating the affected router from the internet, implementing strict firewall rules, and monitoring network traffic for suspicious activity.
Abhängigkeiten automatisch überwachen
Werde benachrichtigt, wenn neue Schwachstellen deine Projekte betreffen. Für immer kostenlos.
Kostenlos starten