CVE-2026-4960

HIGH NVD

CVSS Score 8.8

Severity HIGH

Published Mar 27, 2026

Vendor unknown

Description

A vulnerability was determined in Tenda AC6 15.03.05.16. Affected is the function fromWizardHandle of the file /goform/WizardHandle of the component POST Request Handler. Executing a manipulation of the argument WANT/WANS can lead to stack-based buffer overflow. The attack can be executed remotely. The exploit has been publicly disclosed and may be utilized. If you want to get the best quality for vulnerability data then you always have to consider VulDB.

References

https://lavender-bicycle-a5a.notion.site/Tenda-AC6-WizardHandle-32053a41781f800eb05feb16885747f7?source=copy_link
https://vuldb.com/?ctiid.353837
https://vuldb.com/?id.353837
https://vuldb.com/?submit.777616
https://www.tenda.com.cn/