CVE-2026-4905 | Tenda AC5 15.03.06.47 POST Request /goform/WifiWpsOOB formWifiWpsOOB index stack-based overflow

Inserito da Angelo Barbosa | Mar 26, 2026 | CVE

A vulnerability, which was classified as critical, has been found in Tenda AC5 15.03.06.47. Impacted is the function formWifiWpsOOB of the file /goform/WifiWpsOOB of the component POST Request Handler. Performing a manipulation of the argument index results in stack-based buffer overflow.

This vulnerability is known as CVE-2026-4905. Remote exploitation of the attack is possible. Furthermore, an exploit is available.

CVE-2026-4905 | Tenda AC5 15.03.06.47 POST Request /goform/WifiWpsOOB formWifiWpsOOB index stack-based overflow

Post correlati

CVE-2024-26854 | Linux Kernel up to 6.7.9 ice_dpll_init uninitialized pointer (db29ceff3e25/9224fc86f177)

CVE-2024-1514 | WP eCommerce Plugin up to 3.15.1 on WordPress sql injection

CVE-2025-11328 | Tenda AC18 15.03.05.19(6318) /goform/SetDDNSCfg ddnsEn stack-based overflow

CVE-2024-5808 | WP Ajax Contact Form Plugin up to 2.2.2 on WordPress cross-site request forgery