NextGuard
UNKNOWNCVE-2026-4906

Tenda AC5 POST Request WizardHandle decodePwd stack-based overflow

Platform

other

Component

tenda-ac5-firmware

View on NVD

A vulnerability was determined in Tenda AC5 15.03.06.47. The affected element is the function decodePwd of the file /goform/WizardHandle of the component POST Request Handler. Executing a manipulation of the argument WANT/WANS can lead to stack-based buffer overflow. The attack can be executed remotely. The exploit has been publicly disclosed and may be utilized.

How to fix

Actualizar el firmware del router Tenda AC5 a una versión posterior a la 15.03.06.47 para corregir la vulnerabilidad de desbordamiento de búfer basada en pila. Consultar el sitio web del fabricante para obtener la última versión del firmware y las instrucciones de actualización.

Monitor your dependencies automatically

Get notified when new vulnerabilities affect your projects. Free forever.

Start free