CVE-2026-6015

CVSS v2.0

9.0

High

AV:N/AC:L/Au:S/C:C/I:C/A:C

A vulnerability has been found in Tenda AC9 15.03.02.13. Impacted is the function formQuickIndex of the file /goform/QuickIndex of the component POST Request Handler. Such manipulation of the argument PPPOEPassword leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

Exploit

Fix

Stack Overflow

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-121CWE-119

Related Identifiers

CVE-2026-6015

Affected Products

Ac9

CVE-2026-6015

Weakness Enumeration

Related Identifiers

Affected Products

References · 8