Platform
tenda
Component
tenda
CVE-2026-5830 describes a stack-based buffer overflow vulnerability affecting the Tenda AC15 router running firmware version 15.03.05.18. This flaw allows remote attackers to trigger a crash by manipulating password-related parameters within the router's web interface. A publicly available exploit exists, increasing the risk of exploitation. The vulnerability impacts the websGetVar function within the /goform/SysToolChangePwd file.
Successful exploitation of CVE-2026-5830 allows an attacker to cause a denial-of-service (DoS) condition on the Tenda AC15 router. The stack-based buffer overflow can lead to a crash, effectively rendering the router unresponsive. Given the router's role in network connectivity and security, this disruption can impact all devices relying on it for internet access. The availability of a public exploit significantly increases the likelihood of widespread exploitation, potentially affecting numerous home and small business networks. The remote nature of the vulnerability means attackers do not need physical access to the router to exploit it.
CVE-2026-5830 is a critical vulnerability due to the availability of a public exploit. The exploit's public nature suggests a moderate to high probability of exploitation, particularly given the router's widespread use in home and small business environments. The vulnerability was publicly disclosed on 2026-04-09. It is not currently listed on the CISA KEV catalog, but its severity and exploit availability warrant close monitoring.
Exploit Status
EPSS
0.05% (15% percentile)
CISA SSVC
CVSS Vector
The primary mitigation for CVE-2026-5830 is to upgrade the Tenda AC15 router to a firmware version that addresses the buffer overflow vulnerability. Unfortunately, a fixed firmware version is not specified in the provided data. As a temporary workaround, consider implementing strict firewall rules to restrict access to the /goform/SysToolChangePwd endpoint from untrusted sources. Monitor router logs for unusual activity, particularly related to password changes. While not a direct fix, enabling router logging can aid in post-incident analysis and detection of exploitation attempts. After applying any mitigation, verify the router's stability and functionality by attempting a password reset through the web interface.
Update the Tenda AC15 device firmware to a version corrected by the manufacturer. Refer to the Tenda support website for more information on available firmware updates.
Vulnerability analysis and critical alerts directly to your inbox.
CVE-2026-5830 is a HIGH severity buffer overflow vulnerability in Tenda AC15 routers, allowing remote attackers to crash the device by manipulating password parameters.
You are affected if your Tenda AC15 router is running firmware version 15.03.05.18. Check your router's firmware version in the administration interface.
Upgrade your Tenda AC15 router to a patched firmware version. Unfortunately, a specific fixed version is not yet available; monitor Tenda's website for updates.
Due to the availability of a public exploit, CVE-2026-5830 is considered to be at high risk of active exploitation.
Please refer to Tenda's official website and security advisories for updates and information regarding CVE-2026-5830.
Upload your dependency file and we'll tell you instantly if this and other CVEs hit you.