CVE-2026-4904 | Tenda AC5 15.03.06.47 POST Request /goform/setcfm formSetCfm funcpara1 stack-based overflow

Inserito da Angelo Barbosa | Mar 26, 2026 | CVE

A vulnerability classified as critical was found in Tenda AC5 15.03.06.47. This issue affects the function formSetCfm of the file /goform/setcfm of the component POST Request Handler. Such manipulation of the argument funcpara1 leads to stack-based buffer overflow.

This vulnerability is traded as CVE-2026-4904. The attack may be launched remotely. Furthermore, there is an exploit available.

CVE-2026-4904 | Tenda AC5 15.03.06.47 POST Request /goform/setcfm formSetCfm funcpara1 stack-based overflow

Post correlati

CVE-2024-38382 | OpenHarmony up to 4.0.1 out-of-bounds

CVE-2024-3498 | Toshiba Tec e-Studio Multi-Function Peripheral Web Configuration Page unnecessary privileges

CVE-2024-0947 | Talya Informatics Elektraweb up to 17.0.67 cookie validation

CVE-2024-4680 | ZenML up to 0.56.3 session expiration