Description
A vulnerability was found in Tenda A18 Pro 02.03.02.28. The affected element is the function set_qosMib_list of the file /goform/formSetQosBand. Manipulating the argument named list results in a stack-based buffer overflow. The attack can be carried out remotely. The exploit has been made public and could be used.
Published: 2026-03-20
Score: 8.7 High
EPSS: < 1% Very Low
KEV: No
Impact: Remote Code Execution
Action: Immediate Patch
AI Analysis

Impact

A stack-based buffer overflow exists in the set_qosMib_list handler of the Tenda A18 Pro firmware. By manipulating the argument named list that is passed to the /goform/formSetQosBand endpoint, an attacker can overflow a stack buffer and trigger arbitrary code execution. The flaw allows a remote adversary to compromise the device's confidentiality, integrity, and availability, potentially enabling full device takeover.

Affected Systems

The fault is present in the Tenda A18 Pro model with firmware version 02.03.02.28. No other versions are listed as affected in the available data.

Risk and Exploitability

The CVSS v3.1 score of 8.7 indicates high severity. EPSS information is unavailable and the vulnerability is not yet listed in CISA’s KEV catalog. The attack vector is remote, accessible via the web interface’s formSetQosBand URL. A public exploit exists, raising the likelihood that attackers could already be leveraging this flaw in the field.

Generated by OpenCVE AI on March 20, 2026 at 18:21 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the latest firmware update that addresses the stack-based overflow in /goform/formSetQosBand, preferably version 02.03.02.29 or later.
  • If a patch is not yet available, restrict or disable remote management interfaces that expose the formSetQosBand endpoint.
  • Monitor inbound traffic for unusually crafted requests to /goform/formSetQosBand and block or alert on such activity.
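As an added detection example (not OpenCVE's or Tenda's code), the following Python flags requests to the endpoint above whose list argument is unusually long, which is the kind of check the monitoring recommendation calls for; the log line format, the length threshold and the sample lines are constructed assumptions.

```python
import re
from urllib.parse import parse_qs, urlsplit

# Assumptions (constructed for this example, not taken from the firmware or OpenCVE):
# log lines of the form "<ts> <src_ip> <method> <path[?query]> <url-encoded-body-or-dash>"
# and a length above which a QoS band list is treated as suspicious.
TARGET_PATH = "/goform/formSetQosBand"
ARG_NAME = "list"
MAX_ARG_LEN = 64
LINE_RE = re.compile(r"^(?P<ts>\S+) (?P<src>\S+) (?P<method>[A-Z]+) (?P<target>\S+) (?P<body>\S*)$")

def parse_request(line):
    """Split one log line into fields plus merged query/body parameters; None if malformed."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    rec = m.groupdict()
    parts = urlsplit(rec["target"])
    rec["path"] = parts.path
    params = parse_qs(parts.query, keep_blank_values=True)
    if rec["body"] and rec["body"] != "-":
        for key, vals in parse_qs(rec["body"], keep_blank_values=True).items():
            params.setdefault(key, []).extend(vals)
    rec["params"] = params
    return rec

def check_request(rec, max_len=MAX_ARG_LEN):
    """Return a finding if the request hits formSetQosBand with an oversized list argument."""
    if rec is None or rec["path"] != TARGET_PATH:
        return None
    longest = max((len(v) for v in rec["params"].get(ARG_NAME, [])), default=0)
    if longest > max_len:
        return f"{rec['ts']} {rec['src']} {rec['method']} {TARGET_PATH}: {ARG_NAME} length {longest} > {max_len}"
    return None

def scan(lines, max_len=MAX_ARG_LEN):
    """Run check_request over every line and collect the findings."""
    return [f for f in (check_request(parse_request(l), max_len) for l in lines) if f]

# Constructed sample log: benign POST, oversized argument, benign GET, unrelated endpoint.
SAMPLE_LOG = [
    "2026-03-20T18:21:00Z 192.0.2.10 POST /goform/formSetQosBand list=1%2C2%2C3",
    "2026-03-20T18:21:05Z 192.0.2.77 POST /goform/formSetQosBand list=" + "A" * 300,
    "2026-03-20T18:21:09Z 192.0.2.10 GET /goform/formSetQosBand?list=4%2C5 -",
    "2026-03-20T18:21:12Z 192.0.2.10 POST /goform/example_other time=2026",
]

if __name__ == "__main__":
    for finding in scan(SAMPLE_LOG):
        print(finding)
```

The threshold should be tuned against the legitimate lengths seen on your own devices; only the oversized request in the sample is reported.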

Advisories

No advisories yet.

History

Mon, 23 Mar 2026 10:00:00 +0000

Type                 Values Removed    Values Added
First Time appeared  (none)            Tenda; Tenda a18 Pro
Vendors & Products   (none)            Tenda; Tenda a18 Pro

Fri, 20 Mar 2026 18:15:00 +0000

Type     Values Removed    Values Added
Metrics  (none)            ssvc: {'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Fri, 20 Mar 2026 17:30:00 +0000

Type         Values Removed    Values Added
Description  (none)            A vulnerability was found in Tenda A18 Pro 02.03.02.28. The affected element is the function set_qosMib_list of the file /goform/formSetQosBand. Performing a manipulation of the argument list results in stack-based buffer overflow. The attack is possible to be carried out remotely. The exploit has been made public and could be used.
Title        (none)            Tenda A18 Pro formSetQosBand set_qosMib_list stack-based overflow
Weaknesses   (none)            CWE-119; CWE-121
References   (none)
Metrics      (none)            cvssV2_0: {'score': 9, 'vector': 'AV:N/AC:L/Au:S/C:C/I:C/A:C/E:POC/RL:ND/RC:UR'}
                               cvssV3_0: {'score': 8.8, 'vector': 'CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R'}
                               cvssV3_1: {'score': 8.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R'}
                               cvssV4_0: {'score': 8.7, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P'}


MITRE

Status: PUBLISHED

Assigner: VulDB

Published:

Updated: 2026-03-20T18:06:43.185Z

Reserved: 2026-03-20T08:32:47.474Z

Link: CVE-2026-4492

Vulnrichment

Updated: 2026-03-20T17:32:54.928Z

NVD

Status: Deferred

Published: 2026-03-20T18:16:17.383

Modified: 2026-04-22T21:32:08.360

Link: CVE-2026-4492

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-03-25T14:28:59Z

Weaknesses