top of page
perceptive_background_267k.jpg

A vulnerability was found in Tenda AC5 15.03.06.47. Impacted is the function formWifiWpsOOB of the file /goform/WifiWpsOOB of the component POST Request Handler…

Published:

26 March 2026 at 23:00:00

Alert date:

27 March 2026 at 01:02:24

Source:

nvd.nist.gov

Click to open the original link from this advisory

Network Infrastructure, Mobile & IoT

A stack-based buffer overflow vulnerability (CVE-2026-4905) was discovered in Tenda AC5 router firmware version 15.03.06.47. The vulnerability exists in the formWifiWpsOOB function of the /goform/WifiWpsOOB file within the POST Request Handler component. An attacker can trigger the vulnerability by manipulating the 'index' argument, leading to a stack-based buffer overflow. The vulnerability can be exploited remotely, and public exploits are already available. This poses a significant security risk to affected Tenda AC5 routers as attackers can potentially execute arbitrary code or cause denial of service.

Technical details

Mitigation steps:

Affected products:

Tenda AC5

Related links:

https://nvd.nist.gov/vuln/detail/CVE-2026-4905
https://lavender-bicycle-a5a.notion.site/Tenda_AC5_WifiWpsOOB_index-32053a41781f8096a9b6e48177c25eb0?source=copy_link
https://vuldb.com/?ctiid.353656
https://vuldb.com/?id.353656
https://vuldb.com/?submit.777393
https://www.tenda.com.cn/

Related CVE's:

Related threat actors:

IOC's:

This article was created with the assistance of AI technology by Perceptive.

About us

© 2025 by Perceptive Security. All rights reserved.

email: info@perceptivesecurity.com

Disclaimer: Deze website toont informatie afkomstig van externe bronnen. Perceptive aanvaardt geen verantwoordelijkheid voor de inhoud, juistheid of volledigheid van deze informatie.

bottom of page