Unrated severityNVD Advisory· Published Mar 29, 2026· Updated Mar 30, 2026

Tenda 4G06 Endpoint DhcpListClient fromDhcpListClient stack-based overflow

CVE-2026-5036

Description

A vulnerability was found in Tenda 4G06 04.06.01.29. This vulnerability affects the function fromDhcpListClient of the file /goform/DhcpListClient of the component Endpoint. Performing a manipulation of the argument page results in stack-based buffer overflow. The attack can be initiated remotely. The exploit has been made public and could be used.

Affected products

Tenda/4G06llm-create
Range: = 04.06.01.29
Tenda/4G06v5
Range: 04.06.01.29

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

github.com/Kiciot/cve/issues/1mitreexploitissue-tracking
vuldb.com/submit/778625mitrethird-party-advisory
vuldb.com/vuln/353962mitrevdb-entrytechnical-description
vuldb.com/vuln/353962/ctimitresignaturepermissions-required
www.tenda.com.cnmitreproduct

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000