CVE-2026-4902 | Tenda AC5 15.03.06.47 POST Request /goform/addressNat fromAddressNat page stack-based overflow

Inserito da Angelo Barbosa | Mar 26, 2026 | CVE

A vulnerability described as critical has been identified in Tenda AC5 15.03.06.47. This affects the function fromAddressNat of the file /goform/addressNat of the component POST Request Handler. The manipulation of the argument page results in stack-based buffer overflow.

This vulnerability is reported as CVE-2026-4902. The attack can be launched remotely. Moreover, an exploit is present.

CVE-2026-4902 | Tenda AC5 15.03.06.47 POST Request /goform/addressNat fromAddressNat page stack-based overflow

Post correlati

CVE-2025-52642 | HCL AION 2.0 Internal File information disclosure (KB0129410)

CVE-2025-21681 | Linux Kernel up to 6.1.126/6.6.73/6.12.10 skb_tx_hash infinite loop

CVE-2025-6948 | GitLab Community Edition/Enterprise Edition up to 17.11.5/18.0.3/18.1.1 cross site scripting (Issue 552616)

CVE-2024-11959 | D-Link DIR-605L 2.13B01 formResetStatistic curTime buffer overflow