CVE-2026-2930 | Tenda A18 15.13.07.13 Httpd Service /cgi-bin/UploadCfg webCgiGetUploadFile boundary stack-based overflow

Inserito da Angelo Barbosa | Feb 21, 2026 | CVE

A vulnerability was found in Tenda A18 15.13.07.13. It has been declared as critical. The affected element is the function webCgiGetUploadFile of the file /cgi-bin/UploadCfg of the component Httpd Service. Such manipulation of the argument boundary leads to stack-based buffer overflow.

This vulnerability is documented as CVE-2026-2930. The attack can be executed remotely. Additionally, an exploit exists.

CVE-2026-2930 | Tenda A18 15.13.07.13 Httpd Service /cgi-bin/UploadCfg webCgiGetUploadFile boundary stack-based overflow

Post correlati

CVE-2025-4185 | Wangshen SecGate 3600 2024 ?g=obj_area_export_save file_name path traversal

CVE-2025-40772 | Siemens SiPass integrated up to 2.x cross site scripting (ssa-599451)

CVE-2024-5929 | VIPRE Advanced Security PMAgent uncontrolled search path

CVE-2025-8765 | Datacom DM955 5GT 1200 825.8010.00 Wireless Basic Settings SSID cross site scripting