Description
A weakness has been identified in Tenda AC8 up to 16.03.50.11. This vulnerability affects the function doSystemCmd of the file /goform/SysToolChangePwd of the component HTTP Endpoint. Manipulation of the argument local_2c causes a stack-based buffer overflow. The attack can be initiated remotely. The exploit has been made available to the public and could be used for attacks.
Published: 2026-03-16
Score: 9.3 Critical
EPSS: < 1% Very Low
KEV: No
Impact: Stack-based Buffer Overflow (Remote)
Action: Immediate Patch
AI Analysis

Impact

A stack-based buffer overflow was discovered in the HTTP endpoint /goform/SysToolChangePwd of the Tenda AC8 router. Manipulating the argument local_2c in the doSystemCmd function overflows a stack buffer. The attack can be initiated remotely, and exploit code is publicly available. That an attacker may be able to execute arbitrary code on the device is inferred from the description rather than stated in it.

Affected Systems

Tenda AC8 routers running firmware versions up to and including 16.03.50.11 are affected. The vulnerability is in the HTTP Endpoint component, specifically the function doSystemCmd within /goform/SysToolChangePwd. The CPE identifiers cpe:2.3:h:tenda:ac8:5.0:*:*:*:*:*:*:* and cpe:2.3:o:tenda:ac8_firmware:*:*:*:*:*:*:*:* identify the impacted product model and firmware family.

Risk and Exploitability

The base CVSS score is 9.3, indicating critical severity. The EPSS score is less than 1%, suggesting a low likelihood of in-the-wild exploitation, and the vulnerability is not listed in the CISA KEV catalog. The attack vector is remote via HTTP, with no authentication required. Based on the nature of the overflow, it is inferred that an attacker could execute arbitrary code on the device.

Generated by OpenCVE AI on March 20, 2026 at 15:35 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply a firmware update that addresses the stack‑based overflow (version greater than 16.03.50.11) when one is available.
  • If an update is not yet available, restrict external access to the router’s web interface or block the /goform/SysToolChangePwd endpoint with firewall rules.
  • Consider isolating the router from untrusted networks through network segmentation or a dedicated VLAN.

Advisories

No advisories yet.

History

Fri, 20 Mar 2026 13:45:00 +0000

Type Values Removed Values Added
Weaknesses CWE-787
CPEs cpe:2.3:h:tenda:ac8:5.0:*:*:*:*:*:*:*

Tue, 17 Mar 2026 10:00:00 +0000

Type Values Removed Values Added
First Time appeared Tenda ac8
Vendors & Products Tenda ac8

Mon, 16 Mar 2026 19:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'poc', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Mon, 16 Mar 2026 17:45:00 +0000

Type Values Removed Values Added
Description A weakness has been identified in Tenda AC8 up to 16.03.50.11. This vulnerability affects the function doSystemCmd of the file /goform/SysToolChangePwd of the component HTTP Endpoint. This manipulation of the argument local_2c causes stack-based buffer overflow. The attack can be initiated remotely. The exploit has been made available to the public and could be used for attacks.
Title Tenda AC8 HTTP Endpoint SysToolChangePwd doSystemCmd stack-based overflow
First Time appeared Tenda
Tenda ac8 Firmware
Weaknesses CWE-119
CWE-121
CPEs cpe:2.3:o:tenda:ac8_firmware:*:*:*:*:*:*:*:*
Vendors & Products Tenda
Tenda ac8 Firmware
References
Metrics cvssV2_0

{'score': 10, 'vector': 'AV:N/AC:L/Au:N/C:C/I:C/A:C/E:POC/RL:ND/RC:UR'}

cvssV3_0

{'score': 9.8, 'vector': 'CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R'}

cvssV3_1

{'score': 9.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R'}

cvssV4_0

{'score': 9.3, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P'}


MITRE

Status: PUBLISHED

Assigner: VulDB

Published:

Updated: 2026-03-16T18:29:35.800Z

Reserved: 2026-03-16T06:16:10.100Z

Link: CVE-2026-4254

Vulnrichment

Updated: 2026-03-16T18:29:30.363Z

NVD

Status: Analyzed

Published: 2026-03-16T18:16:10.773

Modified: 2026-03-20T13:35:42.853

Link: CVE-2026-4254

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-03-24T10:50:07Z

Weaknesses