Tenda Ac5 Firmware

Tenda AC5 15.03.06.47 POST Handler Buffer Overflow
CVE-2026-4906 8.8 - High - March 27, 2026

A vulnerability was determined in Tenda AC5 15.03.06.47. The affected element is the function decodePwd of the file /goform/WizardHandle of the component POST Request Handler. Executing a manipulation of the argument WANT/WANS can lead to stack-based buffer overflow. The attack can be executed remotely. The exploit has been publicly disclosed and may be utilized.

Stack Overflow

Remote stack overflow in Tenda AC5 formWifiWpsOOB (15.03.06.47)
CVE-2026-4905 8.8 - High - March 26, 2026

A vulnerability was found in Tenda AC5 15.03.06.47. Impacted is the function formWifiWpsOOB of the file /goform/WifiWpsOOB of the component POST Request Handler. Performing a manipulation of the argument index results in stack-based buffer overflow. Remote exploitation of the attack is possible. The exploit has been made public and could be used.

Stack Overflow

Tenda AC5 v15.03.06.47 POST /goform/setcfm buf overflow
CVE-2026-4904 8.8 - High - March 26, 2026

A vulnerability has been found in Tenda AC5 15.03.06.47. This issue affects the function formSetCfm of the file /goform/setcfm of the component POST Request Handler. Such manipulation of the argument funcpara1 leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

Stack Overflow

Tenda AC5 15.03.06.47 POST formQuickIndex PPPOEPassword Buffer Overflow
CVE-2026-4903 8.8 - High - March 26, 2026

A flaw has been found in Tenda AC5 15.03.06.47. This vulnerability affects the function formQuickIndex of the file /goform/QuickIndex of the component POST Request Handler. This manipulation of the argument PPPOEPassword causes stack-based buffer overflow. The attack may be initiated remotely. The exploit has been published and may be used.

Stack Overflow

Tenda AC5 15.03.06.47 Stack-Based Buffer Overflow in POST /goform/addressNat
CVE-2026-4902 8.8 - High - March 26, 2026

A vulnerability was detected in Tenda AC5 15.03.06.47. This affects the function fromAddressNat of the file /goform/addressNat of the component POST Request Handler. The manipulation of the argument page results in stack-based buffer overflow. The attack can be launched remotely. The exploit is now public and may be used.

Stack Overflow

Tenda AC5 15.03.06.47 - Critical Stack Overflow in /goform/openSchedWifi
CVE-2025-6886 8.8 - High - June 30, 2025

A vulnerability has been found in Tenda AC5 15.03.06.47 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /goform/openSchedWifi. The manipulation of the argument schedStartTime/schedEndTime leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.

Buffer Overflow

Tenda AC5 15.03.06.47: Stack-based Buffer Overflow in /goform/SetSysTimeCfg
CVE-2025-6887 8.8 - High - June 30, 2025

A vulnerability was found in Tenda AC5 15.03.06.47 and classified as critical. Affected by this issue is some unknown functionality of the file /goform/SetSysTimeCfg. The manipulation of the argument time/timeZone leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

Buffer Overflow

Critical stack overflow in Tenda AC5 formSetRebootTimer (v15.03.06.47)
CVE-2025-5863 9.8 - Critical - June 09, 2025

A vulnerability was found in Tenda AC5 15.03.06.47. It has been classified as critical. Affected is the function formSetRebootTimer of the file /goform/SetRebootTimer. The manipulation of the argument rebootTime leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

Memory Corruption

Tenda AC5 buffer overflow in formSetPPTPUserList (pre-15.03.06.47)
CVE-2025-5794 8.8 - High - June 06, 2025

A vulnerability, which was classified as critical, has been found in Tenda AC5 15.03.06.47. Affected by this issue is the function formSetPPTPUserList of the file /goform/setPptpUserList. The manipulation of the argument list leads to buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

Buffer Overflow

Tenda AC5 1.0/15.03.06.47 critical buffer overflow in AdvSetLanip
CVE-2025-5795 8.8 - High - June 06, 2025

A vulnerability, which was classified as critical, was found in Tenda AC5 1.0/15.03.06.47. This affects the function fromadvsetlanip of the file /goform/AdvSetLanip. The manipulation of the argument lanMask leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

Buffer Overflow

Tenda AC5 RCE via Mac param on /ip/goform/WriteFacMac v15.03.06.28
CVE-2023-31587 9.8 - Critical - May 16, 2023

Tenda AC5 router V15.03.06.28 was discovered to contain a remote code execution (RCE) vulnerability via the Mac parameter at ip/goform/WriteFacMac.

Tenda AC5 Buffer Overflow via initWebs (v15.03.06.28)
CVE-2023-30368 9.8 - Critical - April 24, 2023

Tenda AC5 V15.03.06.28 is vulnerable to Buffer Overflow via the initWebs function.

Memory Corruption

Tenda AC5 V15.03.06.28 Stack Overflow in fromSetSysTime (DoS)
CVE-2023-25210 9.8 - Critical - April 07, 2023

Tenda AC5 US_AC5V1.0RTL_V15.03.06.28 was discovered to contain a stack overflow via the fromSetSysTime function. This vulnerability allows attackers to cause a Denial of Service (DoS) or execute arbitrary code via a crafted payload.

Memory Corruption

Tenda AC5 R7WebsSecurityHandler stack overflow DoS / code exec pre-15.03
CVE-2023-25211 9.8 - Critical - April 07, 2023

Tenda AC5 US_AC5V1.0RTL_V15.03.06.28 was discovered to contain a stack overflow via the R7WebsSecurityHandler function. This vulnerability allows attackers to cause a Denial of Service (DoS) or execute arbitrary code via a crafted payload.

Memory Corruption

Tenda AC5 15.03.06.28 DoS via stack overflow in fromSetWirelessRepeat
CVE-2023-25212 9.8 - Critical - April 07, 2023

Tenda AC5 US_AC5V1.0RTL_V15.03.06.28 was discovered to contain a stack overflow via the fromSetWirelessRepeat function. This vulnerability allows attackers to cause a Denial of Service (DoS) or execute arbitrary code via a crafted payload.

Memory Corruption

CVE-2023-25213: Tenda AC5 stack overflow in check_param_changed (pre1.0)
CVE-2023-25213 9.8 - Critical - April 07, 2023

Tenda AC5 US_AC5V1.0RTL_V15.03.06.28 was discovered to contain a stack overflow via the check_param_changed function. This vulnerability allows attackers to cause a Denial of Service (DoS) or execute arbitrary code via a crafted payload.

Memory Corruption

Stack Overflow in Tenda AC5 via setSchedWifi (v<15.03.06.28) DoS/ACE
CVE-2023-25214 9.8 - Critical - April 07, 2023

Tenda AC5 US_AC5V1.0RTL_V15.03.06.28 was discovered to contain a stack overflow via the setSchedWifi function. This vulnerability allows attackers to cause a Denial of Service (DoS) or execute arbitrary code via a crafted payload.

Memory Corruption

Tenda AC5 Pre-15.03.06.28 Stack Overflow via saveParentControlInfo
CVE-2023-25215 9.8 - Critical - April 07, 2023

Tenda AC5 US_AC5V1.0RTL_V15.03.06.28 was discovered to contain a stack overflow via the saveParentControlInfo function. This vulnerability allows attackers to cause a Denial of Service (DoS) or execute arbitrary code via a crafted payload.

Memory Corruption

Tenda AC5 stack overflow in formSetFirewallCfg (V15.03.06.28) can cause DoS
CVE-2023-25216 9.8 - Critical - April 07, 2023

Tenda AC5 US_AC5V1.0RTL_V15.03.06.28 was discovered to contain a stack overflow via the formSetFirewallCfg function. This vulnerability allows attackers to cause a Denial of Service (DoS) or execute arbitrary code via a crafted payload.

Memory Corruption

Tenda AC5 RTL_V15.03.06.28 Stack Overflow Causing DoS / Code Exec (CVE-2023-25217)
CVE-2023-25217 9.8 - Critical - April 07, 2023

Tenda AC5 US_AC5V1.0RTL_V15.03.06.28 was discovered to contain a stack overflow via the formWifiBasicSet function. This vulnerability allows attackers to cause a Denial of Service (DoS) or execute arbitrary code via a crafted payload.

Memory Corruption

Tenda AC5 stack overflow in form_fast_setting_wifi_set DoS/Code exec
CVE-2023-25218 9.8 - Critical - April 07, 2023

Tenda AC5 US_AC5V1.0RTL_V15.03.06.28 was discovered to contain a stack overflow via the form_fast_setting_wifi_set function. This vulnerability allows attackers to cause a Denial of Service (DoS) or execute arbitrary code via a crafted payload.

Memory Corruption

Tenda AC5 OS RTL_V15.03.06.28 stack overflow in fromDhcpListClient DoS/Exec
CVE-2023-25219 9.8 - Critical - April 07, 2023

Tenda AC5 US_AC5V1.0RTL_V15.03.06.28 was discovered to contain a stack overflow via the fromDhcpListClient function. This vulnerability allows attackers to cause a Denial of Service (DoS) or execute arbitrary code via a crafted payload.

Memory Corruption

Tenda AC5 Stack Overflow in add_white_node (vUS_AC5V1.0RTL_V15.03.06.28)
CVE-2023-25220 9.8 - Critical - April 07, 2023

Tenda AC5 US_AC5V1.0RTL_V15.03.06.28 was discovered to contain a stack overflow via the add_white_node function. This vulnerability allows attackers to cause a Denial of Service (DoS) or execute arbitrary code via a crafted payload.

Memory Corruption

A Stored Cross-site scripting (XSS) vulnerability in /main.html Wifi Settings in Tenda AC5 AC1200 version V15.03.06.47_multi
CVE-2021-3186 5.4 - Medium - January 26, 2021

A Stored Cross-site scripting (XSS) vulnerability in /main.html Wifi Settings in Tenda AC5 AC1200 version V15.03.06.47_multi allows remote attackers to inject arbitrary web script or HTML via the Wifi Name parameter.

XSS