CVE-2026-5830

CVSS v3.1

8.8

High

AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

A vulnerability was identified in Tenda AC15 15.03.05.18. This affects the function websGetVar of the file /goform/SysToolChangePwd. Such manipulation of the argument oldPwd/newPwd/cfmPwd leads to stack-based buffer overflow. The attack can be executed remotely. The exploit is publicly available and might be used.

Exploit

Fix

Buffer Overflow

Stack Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-119CWE-121

Related Identifiers

CVE-2026-5830

Affected Products

Ac15

CVE-2026-5830

Weakness Enumeration

Related Identifiers

Affected Products

References · 8