CVE-2026-5036 describes a critical buffer overflow vulnerability discovered in Tenda 4G06 firmware. This flaw resides within the /goform/DhcpListClient endpoint, allowing remote attackers to potentially gain control of the device. The vulnerability affects firmware versions up to and including 04.06.01.29. A public exploit is available, highlighting the urgency of remediation.
The vulnerability lies in the fromDhcpListClient function within the /goform/DhcpListClient endpoint. An attacker can manipulate the page argument to trigger a stack-based buffer overflow. Successful exploitation could lead to arbitrary code execution on the affected Tenda 4G06 device. This could allow an attacker to compromise the device, potentially gaining access to sensitive data, modifying device configurations, or using the device as a pivot point to attack other systems on the network. The availability of a public exploit significantly increases the risk of widespread exploitation.
This vulnerability has been publicly disclosed and a proof-of-concept exploit is available, indicating a high probability of exploitation. It was added to the CISA KEV catalog on an unspecified date. The public availability of the exploit suggests that attackers are actively seeking to exploit this vulnerability. The vulnerability’s impact is amplified by the widespread use of Tenda routers in home and small business networks.
Exploit Status
EPSS
0.05% (14% percentile)
CISA SSVC
The primary mitigation is to upgrade the Tenda 4G06 firmware to a version that addresses this vulnerability. Unfortunately, a fixed version is not explicitly mentioned in the provided data. As a temporary workaround, consider implementing strict input validation on the /goform/DhcpListClient endpoint to prevent excessively long or malformed page arguments. Network segmentation can also limit the potential blast radius. Monitor network traffic for suspicious requests targeting this endpoint. After applying any mitigation, verify the fix by attempting to trigger the vulnerability with a crafted request and confirming that the overflow is prevented.
Update the Tenda 4G06 device firmware to a version later than 04.06.01.29 to fix the stack-based buffer overflow vulnerability. Refer to the vendor's website for the latest firmware version and update instructions.
Vulnerability analysis and critical alerts directly to your inbox.
CVE-2026-5036 is a HIGH severity buffer overflow vulnerability affecting Tenda 4G06 firmware versions up to 04.06.01.29. It allows remote attackers to potentially execute arbitrary code.
If you are using Tenda 4G06 firmware version 04.06.01.29 or earlier, you are potentially affected by this vulnerability.
Upgrade to a patched firmware version. Unfortunately, a fixed version is not explicitly mentioned. Implement input validation as a temporary workaround.
Yes, a public exploit exists, indicating a high probability of active exploitation.
Refer to Tenda's official website or security advisory channels for updates and information regarding CVE-2026-5036.
CVSS Vector
Upload your dependency file and we'll tell you instantly if this and other CVEs hit you.