Platform
tenda
Component
tenda
A critical vulnerability, CVE-2026-5550, has been identified in the Tenda AC10's httpd component. This vulnerability is a stack-based buffer overflow stemming from the fromSysToolChangePwd function within the /bin/httpd file. Successful exploitation could lead to denial of service or even remote code execution, impacting network availability and security. This vulnerability affects Tenda AC10 devices running version 16.03.10.10multiTDE01.
The stack-based buffer overflow vulnerability in Tenda AC10's httpd allows a remote attacker to potentially overwrite critical memory regions. This can lead to a denial-of-service (DoS) condition, rendering the device unresponsive. More concerningly, an attacker could leverage this overflow to inject and execute arbitrary code on the affected device, gaining complete control over the router. Given the router's role as a gateway and often a point of access to internal network resources, a successful compromise could facilitate lateral movement and broader network infiltration. The impact is amplified if the router handles sensitive data or provides access to critical services.
CVE-2026-5550 was publicly disclosed on 2026-04-05. Currently, there are no known public exploits or active campaigns targeting this vulnerability. Its inclusion in the NVD is pending. The EPSS score is likely to be medium, given the potential for remote code execution and the relatively common deployment of routers in exposed network environments. While no KEV listing exists yet, the potential for remote code execution warrants close monitoring.
Exploit Status
EPSS
0.05% (15% percentile)
CISA SSVC
CVSS Vector
The primary mitigation for CVE-2026-5550 is to upgrade the Tenda AC10 firmware to a patched version as soon as it becomes available from Tenda. Until a patch is available, consider implementing temporary workarounds. These may include restricting access to the /bin/httpd endpoint via a firewall or web application firewall (WAF). Carefully review and restrict user permissions related to password changes to minimize the attack surface. Monitor network traffic for suspicious patterns indicative of exploitation attempts, such as unusually long or malformed requests to the password change endpoint.
Update the firmware of the Tenda AC10 device to a version corrected by the manufacturer. Refer to the Tenda support website for the latest firmware updates and follow the provided instructions to securely update the device.
Vulnerability analysis and critical alerts directly to your inbox.
CVE-2026-5550 is a HIGH severity stack-based buffer overflow vulnerability in the Tenda AC10's httpd component, affecting version 16.03.10.10multiTDE01. Remote attackers can exploit it to potentially gain control of the device.
You are affected if you are using a Tenda AC10 router running firmware version 16.03.10.10multiTDE01. Check your router's firmware version and upgrade if a patch is available.
The recommended fix is to upgrade to a patched firmware version from Tenda. Until a patch is available, implement temporary mitigations like firewall restrictions.
As of now, there are no confirmed reports of active exploitation, but the vulnerability's potential for remote code execution warrants vigilance.
Refer to the Tenda security advisories page on their website for updates and official announcements regarding CVE-2026-5550.
Upload your dependency file and we'll tell you instantly if this and other CVEs hit you.