Description
A vulnerability was identified in Tenda AC15 15.03.05.18. This affects the function websGetVar of the file /goform/SysToolChangePwd. Such manipulation of the argument oldPwd/newPwd/cfmPwd leads to stack-based buffer overflow. The attack can be executed remotely. The exploit is publicly available and might be used.
Published: 2026-04-09
Score: 8.7 High
EPSS: n/a
KEV: No
Impact: Remote Code Execution via stack-based buffer overflow
Action: Immediate Patch
AI Analysis

Impact

The flaw resides in the websGetVar handler for changing passwords, where unsafe handling of the oldPwd, newPwd, and cfmPwd parameters permits a stack-based buffer overflow. This overflow can enable an attacker to execute arbitrary code on the device, compromising its confidentiality, integrity, and availability. The weakness is a classic stack corruption identified as CWE‑119 and CWE‑121.

Affected Systems

The affected hardware is the Tenda AC15 router running firmware version 15.03.05.18. Users deploying this model with that firmware are at risk; newer firmware revisions may have been patched.

Risk and Exploitability

With a CVSS base score of 8.7, the vulnerability is considered high severity. No EPSS score is posted, but the exploit is publicly available and the attack can be executed remotely over the network; the CVSS vectors list low privileges as required (PR:L). The vulnerability does not appear in the CISA KEV catalog yet, but the presence of a public exploit increases the likelihood of real-world attacks.

Generated by OpenCVE AI on April 9, 2026 at 03:20 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the latest firmware update from Tenda that addresses the websGetVar stack overflow.
  • If an immediate patch is unavailable, limit remote management to trusted IP addresses or disable it entirely, and monitor device logs for anomalous password change attempts.
  • Keep the router isolated from critical infrastructure and ensure the default credentials are changed after each update.


Advisories

No advisories yet.

History

Thu, 09 Apr 2026 08:30:00 +0000

Type | Values Removed | Values Added
First Time appeared | | Tenda ac15
Vendors & Products | | Tenda ac15

Thu, 09 Apr 2026 02:15:00 +0000

Type | Values Removed | Values Added
Description | | A vulnerability was identified in Tenda AC15 15.03.05.18. This affects the function websGetVar of the file /goform/SysToolChangePwd. Such manipulation of the argument oldPwd/newPwd/cfmPwd leads to stack-based buffer overflow. The attack can be executed remotely. The exploit is publicly available and might be used.
Title | | Tenda AC15 SysToolChangePwd websGetVar stack-based overflow
First Time appeared | | Tenda; Tenda ac15 Firmware
Weaknesses | | CWE-119; CWE-121
CPEs | | cpe:2.3:o:tenda:ac15_firmware:*:*:*:*:*:*:*:*
Vendors & Products | | Tenda; Tenda ac15 Firmware
References | |
Metrics | | cvssV2_0: {'score': 9, 'vector': 'AV:N/AC:L/Au:S/C:C/I:C/A:C/E:POC/RL:ND/RC:UR'}
 | | cvssV3_0: {'score': 8.8, 'vector': 'CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R'}
 | | cvssV3_1: {'score': 8.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R'}
 | | cvssV4_0: {'score': 8.7, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P'}


MITRE

Status: PUBLISHED

Assigner: VulDB

Published:

Updated: 2026-04-09T01:30:23.216Z

Reserved: 2026-04-08T16:58:20.984Z

Link: CVE-2026-5830

Vulnrichment

No data.

NVD

Status: Received

Published: 2026-04-09T02:16:17.920

Modified: 2026-04-09T02:16:17.920

Link: CVE-2026-5830

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-09T08:25:18Z

Weaknesses