CVE-2026-6015 | Tenda AC9 15.03.02.13 POST Request /goform/QuickIndex formQuickIndex PPPOEPassword stack-based overflow

Inserito da Angelo Barbosa | Apr 9, 2026 | CVE

A vulnerability was found in Tenda AC9 15.03.02.13 and classified as critical. Impacted is the function formQuickIndex of the file /goform/QuickIndex of the component POST Request Handler. Such manipulation of the argument PPPOEPassword leads to stack-based buffer overflow.

This vulnerability is referenced as CVE-2026-6015. It is possible to launch the attack remotely. Furthermore, an exploit is available.

CVE-2026-6015 | Tenda AC9 15.03.02.13 POST Request /goform/QuickIndex formQuickIndex PPPOEPassword stack-based overflow

Post correlati

CVE-2026-5814 | PHPGurukul Online Course Registration 3.1 check_availability.php regno sql injection

CVE-2024-30891 | Tenda AC18 15.03.05.05 /goform/exeCommand cmdinput command injection

CVE-2026-25931 | streetsidesoftware vscode-spell-checker up to 4.5.3 package.json cSpell.trustedWorkspace default permission (GHSA-mggq-68mr-58vj)

CVE-2024-56646 | Linux Kernel up to 6.12.4 ipv6 modify_prefix_route null pointer dereference