Unrated severityNVD Advisory· Published Mar 27, 2026· Updated Mar 31, 2026
Tenda AC7 POST Request SetSysTimeCfg fromSetSysTime memory corruption
CVE-2026-4974
Description
A flaw has been found in Tenda AC7 15.03.06.44. Affected by this issue is the function fromSetSysTime of the file /goform/SetSysTimeCfg of the component POST Request Handler. Executing a manipulation of the argument Time can lead to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been published and may be used.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2Patches
Vulnerability mechanics
References
5- lavender-bicycle-a5a.notion.site/Tenda-AC7-fromSetSysTime-32153a41781f801c95b0f8a53eaa9a1fmitreexploit
- vuldb.commitrethird-party-advisory
- vuldb.commitresignaturepermissions-required
- vuldb.commitrevdb-entrytechnical-description
- www.tenda.com.cnmitreproduct
News mentions
0No linked articles in our index yet.