CVE-2026-4493

Name of the Vulnerable Software and Affected Versions Tenda A18 Pro version 02.03.02.28

Description A flaw exists in the MAC Filtering Configuration Endpoint of the Tenda A18 Pro. Specifically, the function sub 423B50 within the file /goform/setMacFilterCfg is susceptible to a stack-based buffer overflow. This issue can be triggered by manipulating the deviceList argument, potentially allowing for remote exploitation. The vulnerability has been publicly disclosed.

Recommendations Update to a newer version that contains a fix for this vulnerability. As a temporary workaround, consider disabling the MAC Filtering feature until a patch is available.