Description
A vulnerability was found in Tenda AC9 15.03.02.13. The affected element is the function decodePwd of the file /goform/WizardHandle of the component POST Request Handler. Performing a manipulation of the argument WANS results in stack-based buffer overflow. The attack can be initiated remotely. The exploit has been made public and could be used.
Published: 2026-04-10
Score: 8.7 High
EPSS: < 1% Very Low
KEV: No
Impact: Remote Code Execution
Action: Immediate Patch
AI Analysis

Impact

A stack-based buffer overflow exists in the decodePwd function of the POST request handler in Tenda AC9 firmware 15.03.02.13. By manipulating the WANS argument, an attacker can corrupt the stack, potentially leading to arbitrary code execution, loss of data confidentiality, integrity, and availability.

Affected Systems

The vulnerability affects Tenda AC9 routers running firmware version 15.03.02.13. It is specific to the POST request handler component /goform/WizardHandle and may impact all devices with this firmware version that expose the endpoint to external access.

Risk and Exploitability

The CVSS score of 8.7 denotes a high severity risk. While EPSS data is not available, the exploit is publicly known and can be launched remotely via the HTTP POST endpoint, indicating a significant likelihood of exploitation. The vulnerability is not currently listed in the CISA KEV catalog, but the public availability of the exploit and the remote attack vector warrant immediate attention.

Generated by OpenCVE AI on April 10, 2026 at 06:21 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the latest firmware update from Tenda that resolves the decodePwd stack overflow.
  • If no patch is available, block or restrict external access to the /goform/WizardHandle endpoint to prevent remote exploitation.
  • Disable the remote configuration wizard feature if possible to eliminate the vulnerable functionality.
  • Maintain network monitoring for unexpected POST requests to /goform/WizardHandle and investigate any suspicious activity.

Generated by OpenCVE AI on April 10, 2026 at 06:21 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Fri, 10 Apr 2026 14:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Fri, 10 Apr 2026 09:00:00 +0000

Type Values Removed Values Added
First Time appeared Tenda ac9
Vendors & Products Tenda ac9

Fri, 10 Apr 2026 05:45:00 +0000

Type Values Removed Values Added
Description A vulnerability was found in Tenda AC9 15.03.02.13. The affected element is the function decodePwd of the file /goform/WizardHandle of the component POST Request Handler. Performing a manipulation of the argument WANS results in stack-based buffer overflow. The attack can be initiated remotely. The exploit has been made public and could be used.
Title Tenda AC9 POST Request WizardHandle decodePwd stack-based overflow
First Time appeared Tenda
Tenda ac9 Firmware
Weaknesses CWE-119
CWE-121
CPEs cpe:2.3:o:tenda:ac9_firmware:*:*:*:*:*:*:*:*
Vendors & Products Tenda
Tenda ac9 Firmware
References
Metrics cvssV2_0

{'score': 9, 'vector': 'AV:N/AC:L/Au:S/C:C/I:C/A:C/E:POC/RL:ND/RC:UR'}

cvssV3_0

{'score': 8.8, 'vector': 'CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R'}

cvssV3_1

{'score': 8.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R'}

cvssV4_0

{'score': 8.7, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P'}

Subscriptions

Tenda Ac9 Ac9 Firmware
cve-icon MITRE

Status: PUBLISHED

Assigner: VulDB

Published:

Updated: 2026-04-10T13:40:04.879Z

Reserved: 2026-04-09T14:38:10.228Z

Link: CVE-2026-6016

cve-icon Vulnrichment

Updated: 2026-04-10T13:39:58.718Z

cve-icon NVD

Status : Received

Published: 2026-04-10T06:16:06.780

Modified: 2026-04-10T06:16:06.780

Link: CVE-2026-6016

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-04-10T09:26:44Z

Weaknesses