Platform
tenda
Component
tenda-ac6-firmware
CVE-2026-4960 describes a stack-based buffer overflow vulnerability within the Tenda AC6 router firmware. Specifically, the fromWizardHandle function in the /goform/WizardHandle component is susceptible to attack. By manipulating the WANT/WANS argument in a POST request, a remote attacker can trigger this overflow, potentially leading to arbitrary code execution. This affects Tenda AC6 firmware versions up to and including 15.03.05.16. Currently, there is no official patch available to address this vulnerability.
A critical vulnerability has been identified in the Tenda AC6 router, version 15.03.05.16, tracked as CVE-2026-4960. This security flaw resides in the fromWizardHandle function within the /goform/WizardHandle file, specifically concerning the handling of POST requests. A remote attacker can exploit this vulnerability by manipulating the WANT/WANS argument, potentially leading to a stack-based buffer overflow. The severity of this vulnerability is high (CVSS 8.8), indicating a significant security risk to affected devices. The public disclosure of the vulnerability increases the risk of exploitation, as attackers now have access to information on how to exploit it. This vulnerability could allow an attacker to gain control of the router, compromise the network it is connected to, and access sensitive data.
CVE-2026-4960 is exploited through a malicious POST request targeted at the /goform/WizardHandle file on the Tenda AC6 router. The attacker manipulates the WANT/WANS argument in the request to trigger a stack-based buffer overflow. The remote nature of the vulnerability means an attacker can exploit it from anywhere on the network or even from the internet, provided they have access to the router. The public disclosure of the vulnerability facilitates the creation and distribution of exploits, increasing the risk of automated attacks. The lack of an official fix makes the router particularly vulnerable to attacks.
Exploit Status
EPSS
0.08% (24% percentile)
CISA SSVC
CVSS Vector
Currently, there is no official fix provided by Tenda for CVE-2026-4960. The most effective mitigation is to update the router's firmware to a later version that addresses this vulnerability, if available. In the meantime, it is recommended to implement additional security measures, such as changing the router's default password to a strong, unique password, disabling remote access to the router if it is not required, and keeping the firmware updated to the latest available version (although this won't fix CVE-2026-4960, it may address other vulnerabilities). Monitoring network traffic for suspicious activity can also help detect and prevent attacks. Consider replacing the Tenda AC6 router with a more secure model with ongoing security update support.
Actualice el firmware del router Tenda AC6 a una versión posterior a 15.03.05.16 para corregir la vulnerabilidad de desbordamiento de búfer basada en pila. Consulte el sitio web del proveedor para obtener la última versión del firmware y las instrucciones de actualización.
Vulnerability analysis and critical alerts directly to your inbox.
CVSS 8.8 indicates a high-severity vulnerability. A higher score signifies a greater security risk.
If you have a Tenda AC6 router with firmware version 15.03.05.16, it is likely affected.
Implement the recommended mitigation measures, such as changing the password and disabling remote access. Consider replacing the router.
Currently, there are no widely available tools to specifically detect this vulnerability. Monitoring network traffic can help identify suspicious activity.
You can contact Tenda's technical support or search for information on security forums and security news websites.
Upload your dependency file and we'll tell you instantly if this and other CVEs hit you.