Is Stack Overflow affected by EUVD-2026-16981?

A stack-based buffer overflow in Tenda 4G06 router firmware (version 04.06.01.29) enables authenticated attackers to execute arbitrary code remotely, compromising the confidentiality, integrity, and availability of affected network infrastructure.

EUVD-2026-16981

| CVE-2026-5036 HIGH

2026-03-29 VulDB

GHSA-737m-qjmx-7gx3

7.4

CVSS 4.0

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Attack Vector

Network

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Lifecycle Timeline

PoC Detected

Mar 30, 2026 - 18:58 vuln.today

Public exploit code

Analysis Generated

Mar 29, 2026 - 08:00 vuln.today

EUVD ID Assigned

Mar 29, 2026 - 08:00 euvd

EUVD-2026-16981

CVE Published

Mar 29, 2026 - 07:45 nvd

HIGH 7.4

Description

A vulnerability was found in Tenda 4G06 04.06.01.29. This vulnerability affects the function fromDhcpListClient of the file /goform/DhcpListClient of the component Endpoint. Performing a manipulation of the argument page results in stack-based buffer overflow. The attack can be initiated remotely. The exploit has been made public and could be used.

Analysis

Stack-based buffer overflow in Tenda 4G06 router firmware version 04.06.01.29 allows authenticated remote attackers to achieve arbitrary code execution with high impact to confidentiality, integrity, and availability. The vulnerability resides in the fromDhcpListClient function accessible via the /goform/DhcpListClient endpoint, triggered by manipulating the 'page' parameter. …

Remediation

Within 24 hours: Inventory all Tenda 4G06 devices and document firmware version 04.06.01.29 deployment locations. Within 7 days: Contact Tenda for patched firmware availability and conduct risk assessment of affected routers; isolate or restrict remote administrative access via /goform/DhcpListClient endpoint using firewall rules. …

Analysis

Detailed AI-generated intelligence summary covering attack vector, impact assessment, affected versions, remediation steps, and indicators of compromise.

POChttps://••••••••••.com/exploit

PATCHhttps://••••••••••.com/patch

ADVISORYhttps://••••••••••.com/advisory

Full analysis requires sign-in

Get intelligence summaries, risk assessment, exploit details, threat intel, and remediation guidance.

Priority Score

Low Medium High Critical

KEV: 0

EPSS: +0.0

CVSS: +37

POC: +20

EUVD-2026-16981 vulnerability details – vuln.today

Back

EUVD-2026-16981

CVSS Vector

Lifecycle Timeline

Tags

Description

Analysis

Remediation

Analysis

Full analysis requires sign-in

Priority Score

Share

EUVD-2026-16981

CVSS Vector

Lifecycle Timeline

Tags

Description

Analysis

Remediation

Full analysis requires sign-in

Priority Score

Share

External POC / Exploit Code