Description
In Tenda AC7 v15.03.06.44, the wanSpeed parameter of the route /goform/AdvSetMacMtuWan has a stack buffer overflow vulnerability that can lead to remote arbitrary code execution.
Published: 2026-06-19
Score: 9.8 Critical
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The flaw is a stack buffer overflow in the wanSpeed parameter of the /goform/AdvSetMacMtuWan endpoint on Tenda AC7 devices running firmware version 15.03.06.44. The overflow can be exploited remotely to execute arbitrary code chosen by an attacker, compromising confidentiality, integrity, and availability of the device and the network it supports.

Affected Systems

Tenda AC7 routers with firmware build 15.03.06.44 are affected. No other vendors or product versions are listed as impacted.

Risk and Exploitability

The CVSS score is 9.8, but stack-based buffer overflows are generally high severity. EPSS is unavailable and the vulnerability is not listed in CISA KEV, suggesting no confirmed widespread exploitation yet. However, remote code execution is inherently dangerous; if the device’s WAN interface is exposed to the internet, attackers could exploit the endpoint over HTTP or HTTPS without payload delivery restrictions. Thus the risk is high and exploitation is plausible if exposure exists.

Generated by OpenCVE AI on June 22, 2026 at 21:22 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade the router firmware to a release that removes the wanSpeed overflow bug.
  • If an upgrade is not immediately possible, use a firewall or router ACL to block WAN access to the /goform/AdvSetMacMtuWan endpoint, limiting exposure to the internal network.
  • Monitor device logs and traffic for attempts to access /goform/AdvSetMacMtuWan or other unexplained inbound connections.

Generated by OpenCVE AI on June 22, 2026 at 21:22 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

References
History

Mon, 22 Jun 2026 21:45:00 +0000

Type Values Removed Values Added
Title Stack Buffer Overflow in Tenda AC7 Firmware Enabling Remote Code Execution

Mon, 22 Jun 2026 20:15:00 +0000

Type Values Removed Values Added
Title Stack Buffer Overflow in Tenda AC7 Firmware 15.03.06.44’s wanSpeed Parameter Leading to Remote Code Execution
Weaknesses CWE-119

Mon, 22 Jun 2026 18:30:00 +0000

Type Values Removed Values Added
Weaknesses CWE-121
Metrics cvssV3_1

{'score': 9.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H'}

ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'poc', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Fri, 19 Jun 2026 22:30:00 +0000

Type Values Removed Values Added
First Time appeared Tenda
Tenda ac7
Vendors & Products Tenda
Tenda ac7

Fri, 19 Jun 2026 21:45:00 +0000

Type Values Removed Values Added
Title Stack Buffer Overflow in Tenda AC7 Firmware 15.03.06.44’s wanSpeed Parameter Leading to Remote Code Execution
Weaknesses CWE-119

Fri, 19 Jun 2026 18:15:00 +0000

Type Values Removed Values Added
Description In Tenda AC7 v15.03.06.44, the wanSpeed parameter of the route /goform/AdvSetMacMtuWan has a stack buffer overflow vulnerability that can lead to remote arbitrary code execution.
References

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published:

Updated: 2026-06-22T17:15:47.887Z

Reserved: 2026-06-08T00:00:00.000Z

Link: CVE-2026-51846

cve-icon Vulnrichment

Updated: 2026-06-22T15:37:25.874Z

cve-icon NVD

No data.

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-06-22T21:30:06Z

Weaknesses
  • CWE-121

    Stack-based Buffer Overflow