Ac15

1 CVEs product

Monthly

Sort: Newest CVSS Score EPSS Score Oldest

CVE-2026-5830 HIGH POC This Week

Stack-based buffer overflow in Tenda AC15 router firmware 15.03.05.18 websGetVar function allows authenticated remote attackers to execute arbitrary code with high impact to confidentiality, integrity, and availability. The vulnerability resides in /goform/SysToolChangePwd endpoint where manipulation of oldPwd, newPwd, or cfmPwd parameters triggers memory corruption. Publicly available exploit code exists. Exploitation requires low-privilege authenticated access but no user interaction, making it readily exploitable once credentials are obtained.

Tenda Buffer Overflow RCE Ac15

NVD VulDB

CVSS 4.0

7.4

EPSS

0.0%

CVE-2026-5830

EPSS 0% CVSS 7.4

HIGH POC This Week

Stack-based buffer overflow in Tenda AC15 router firmware 15.03.05.18 websGetVar function allows authenticated remote attackers to execute arbitrary code with high impact to confidentiality, integrity, and availability. The vulnerability resides in /goform/SysToolChangePwd endpoint where manipulation of oldPwd, newPwd, or cfmPwd parameters triggers memory corruption. Publicly available exploit code exists. Exploitation requires low-privilege authenticated access but no user interaction, making it readily exploitable once credentials are obtained.

Tenda Buffer Overflow RCE +1

NVD VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy