Which versions of Tenda are affected by CVE-2026-4904?

Tenda AC5 routers running firmware 15.03.06.47 are vulnerable to remote code execution through a stack buffer overflow in the device management interface, allowing authenticated attackers to gain…

Is there a public PoC exploit available for CVE-2026-4904?

Yes, a public proof-of-concept exploit is available for CVE-2026-4904. Prioritise patching immediately. EPSS: 0.0%.

Tenda CVE-2026-4904

Q: What is the CVSS score of CVE-2026-4904?

CVE-2026-4904 has a CVSS 4.0 base score of 7.4 (High). CVSS vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X. EPSS exploitation probability: 0.0%.

EUVD-2026-16474 HIGH

Stack-based Buffer Overflow (CWE-121)

2026-03-26 VulDB

Buffer Overflow Stack Overflow Tenda

7.4

CVSS 4.0

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Attack Vector

Network

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Lifecycle Timeline

PoC Detected

Mar 31, 2026 - 20:59 vuln.today

Public exploit code

EUVD ID Assigned

Mar 26, 2026 - 23:31 euvd

EUVD-2026-16474

Analysis Generated

Mar 26, 2026 - 23:31 vuln.today

CVE Published

Mar 26, 2026 - 23:11 nvd

HIGH 7.4

DescriptionNVD

A vulnerability has been found in Tenda AC5 15.03.06.47. This issue affects the function formSetCfm of the file /goform/setcfm of the component POST Request Handler. Such manipulation of the argument funcpara1 leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

AnalysisAI

Stack-based buffer overflow in Tenda AC5 router firmware version 15.03.06.47 enables remote authenticated attackers to achieve arbitrary code execution with high impact to confidentiality, integrity, and availability. The vulnerability resides in the formSetCfm function's handling of the funcpara1 parameter in POST requests to /goform/setcfm. …

RemediationAI

Within 24 hours: Identify all Tenda AC5 routers on the network and document firmware versions via device inventory or management console. Within 7 days: Implement network segmentation to restrict direct access to router management interfaces (restrict /goform/setcfm to administrative network only) and enforce strong authentication on all device admin accounts. …

Analysis

Detailed AI-generated intelligence summary covering attack vector, impact assessment, affected versions, remediation steps, and indicators of compromise.

POChttps://••••••••••.com/exploit

PATCHhttps://••••••••••.com/patch

ADVISORYhttps://••••••••••.com/advisory

Full analysis requires sign-in

Get intelligence summaries, risk assessment, exploit details, threat intel, and remediation guidance.

CVE-2026-4904 vulnerability details – vuln.today

Back

Tenda CVE-2026-4904

CVSS VectorNVD

Lifecycle Timeline

DescriptionNVD

AnalysisAI

RemediationAI

Analysis

Full analysis requires sign-in

Share

Tenda CVE-2026-4904

CVSS VectorNVD

Lifecycle Timeline

DescriptionNVD

AnalysisAI

RemediationAI

Full analysis requires sign-in

Share

External POC / Exploit Code