VYPR

Ac5 Firmware

by Tenda

CVEs (5)

  • CVE-2026-4906HigMar 27, 2026
    risk 0.57cvss 8.8epss 0.03

    A vulnerability was determined in Tenda AC5 15.03.06.47. The affected element is the function decodePwd of the file /goform/WizardHandle of the component POST Request Handler. Executing a manipulation of the argument WANT/WANS can lead to stack-based buffer overflow. The attack…

  • CVE-2026-4905HigMar 27, 2026
    risk 0.57cvss 8.8epss 0.01

    A vulnerability was found in Tenda AC5 15.03.06.47. Impacted is the function formWifiWpsOOB of the file /goform/WifiWpsOOB of the component POST Request Handler. Performing a manipulation of the argument index results in stack-based buffer overflow. Remote exploitation of the…

  • CVE-2026-4904HigMar 27, 2026
    risk 0.57cvss 8.8epss 0.01

    A vulnerability has been found in Tenda AC5 15.03.06.47. This issue affects the function formSetCfm of the file /goform/setcfm of the component POST Request Handler. Such manipulation of the argument funcpara1 leads to stack-based buffer overflow. The attack may be launched…

  • CVE-2026-4903HigMar 26, 2026
    risk 0.57cvss 8.8epss 0.05

    A flaw has been found in Tenda AC5 15.03.06.47. This vulnerability affects the function formQuickIndex of the file /goform/QuickIndex of the component POST Request Handler. This manipulation of the argument PPPOEPassword causes stack-based buffer overflow. The attack may be…

  • CVE-2026-4902Mar 26, 2026
    risk 0.00cvss epss 0.01

    A vulnerability was detected in Tenda AC5 15.03.06.47. This affects the function fromAddressNat of the file /goform/addressNat of the component POST Request Handler. The manipulation of the argument page results in stack-based buffer overflow. The attack can be launched…