CVE-2026-6015

A vulnerability has been found in Tenda AC9 15.03.02.13. Impacted is the function formQuickIndex of the file /goform/QuickIndex of the component POST Request Handler. Such manipulation of the argument PPPOEPassword leads to stack-based buffer overflow. It is possible to launch the attack remotely...

EUVD-2026-21311

A vulnerability has been found in Tenda AC9 15.03.02.13. Impacted is the function formQuickIndex of the file /goform/QuickIndex of the component POST Request Handler. Such manipulation of the argument PPPOEPassword leads to stack-based buffer overflow. It is possible to launch the attack remotely...

EUVD-2026-21312

A vulnerability was found in Tenda AC9 15.03.02.13. The affected element is the function decodePwd of the file /goform/WizardHandle of the component POST Request Handler. Performing a manipulation of the argument WANS results in stack-based buffer overflow. The attack can be initiated remotely. T...

CVE-2026-6015

A vulnerability has been found in Tenda AC9 15.03.02.13. Impacted is the function formQuickIndex of the file /goform/QuickIndex of the component POST Request Handler. Such manipulation of the argument PPPOEPassword leads to stack-based buffer overflow. It is possible to launch the attack remotely...

CVE-2026-6016

A vulnerability was found in Tenda AC9 15.03.02.13. The affected element is the function decodePwd of the file /goform/WizardHandle of the component POST Request Handler. Performing a manipulation of the argument WANS results in stack-based buffer overflow. The attack can be initiated remotely. T...

CVE-2026-6016 Tenda AC9 POST Request WizardHandle decodePwd stack-based overflow

A vulnerability was found in Tenda AC9 15.03.02.13. The affected element is the function decodePwd of the file /goform/WizardHandle of the component POST Request Handler. Performing a manipulation of the argument WANS results in stack-based buffer overflow. The attack can be initiated remotely. T...

CVE-2026-6016

A vulnerability was found in Tenda AC9 15.03.02.13. The affected element is the function decodePwd of the file /goform/WizardHandle of the component POST Request Handler. Performing a manipulation of the argument WANS results in stack-based buffer overflow. The attack can be initiated remotely. T...

CVE-2026-6016 Tenda AC9 POST Request WizardHandle decodePwd stack-based overflow

A vulnerability was found in Tenda AC9 15.03.02.13. The affected element is the function decodePwd of the file /goform/WizardHandle of the component POST Request Handler. Performing a manipulation of the argument WANS results in stack-based buffer overflow. The attack can be initiated remotely. T...

CVE-2026-6016

CVE-2026-6016 affects Tenda AC9 15.03.02.13. The vulnerability exists in the decodePwd function of /goform/WizardHandle within the POST Request Handler. Adversaries can trigger a stack-based buffer overflow by manipulating the WANS argument, with the attackable surface exposed remotely. Public ex...

CVE-2026-6015

A vulnerability has been found in Tenda AC9 15.03.02.13. Impacted is the function formQuickIndex of the file /goform/QuickIndex of the component POST Request Handler. Such manipulation of the argument PPPOEPassword leads to stack-based buffer overflow. It is possible to launch the attack remotely...

CVE-2026-6015

This CVE concerns the Tenda AC9 device (firmware version 15.03.02.13). The vulnerability affects the function formQuickIndex in the file /goform/QuickIndex of the POST Request Handler. The issue arises from manipulation of the PPPOEPassword argument, causing a stack-based buffer overflow. An atta...

CVE-2026-6015 Tenda AC9 POST Request QuickIndex formQuickIndex stack-based overflow

A vulnerability has been found in Tenda AC9 15.03.02.13. Impacted is the function formQuickIndex of the file /goform/QuickIndex of the component POST Request Handler. Such manipulation of the argument PPPOEPassword leads to stack-based buffer overflow. It is possible to launch the attack remotely...

Tenda AC9 安全漏洞

The Tenda AC9 is a wireless router produced by the Chinese company Tenda. Version 15.03.02.13 of the Tenda AC9 contains a security vulnerability. This vulnerability stems from incorrect handling of a parameter named WANS in the file/goform/WizardHandle, which may lead to a stack buffer overflow...

PT-2026-31876

A vulnerability has been found in Tenda AC9 15.03.02.13. Impacted is the function formQuickIndex of the file /goform/QuickIndex of the component POST Request Handler. Such manipulation of the argument PPPOEPassword leads to stack-based buffer overflow. It is possible to launch the attack remotely...

Tenda AC9 安全漏洞

The Tenda AC9 is a wireless router produced by the Chinese company Tenda. Version 15.03.02.13 of the Tenda AC9 contains a security vulnerability. This vulnerability stems from incorrect handling of parameters in the file/goform/QuickIndex, specifically the parameter PPPoEPassword, which may lead ...

PT-2026-31877

A vulnerability was found in Tenda AC9 15.03.02.13. The affected element is the function decodePwd of the file /goform/WizardHandle of the component POST Request Handler. Performing a manipulation of the argument WANS results in stack-based buffer overflow. The attack can be initiated remotely. T...

CVE-2026-2191

A weakness has been identified in Tenda AC9 15.03.06.42multi. Affected is the function formGetDdosDefenceList. This manipulation of the argument security.ddos.map causes stack-based buffer overflow. The attack may be initiated remotely. The exploit has been made available to the public and could ...

CVE-2026-2192

A security vulnerability has been detected in Tenda AC9 15.03.06.42multi. Affected by this vulnerability is the function formGetRebootTimer. Such manipulation of the argument sys.schedulereboot.starttime/sys.schedulereboot.endtime leads to stack-based buffer overflow. The attack may be launched...

CVE-2026-2191

A weakness has been identified in Tenda AC9 15.03.06.42multi. Affected is the function formGetDdosDefenceList. This manipulation of the argument security.ddos.map causes stack-based buffer overflow. The attack may be initiated remotely. The exploit has been made available to the public and could ...

CVE-2026-2192

A security vulnerability has been detected in Tenda AC9 15.03.06.42multi. Affected by this vulnerability is the function formGetRebootTimer. Such manipulation of the argument sys.schedulereboot.starttime/sys.schedulereboot.endtime leads to stack-based buffer overflow. The attack may be launched...