CVE-2026-4961 in Tenda AC6
摘要 (英语)
A vulnerability was identified in Tenda AC6 15.03.05.16. Affected by this vulnerability is the function formQuickIndex of the file /goform/QuickIndex of the component POST Request Handler. The manipulation of the argument PPPOEPassword leads to stack-based buffer overflow. The attack is possible to be carried out remotely. The exploit is publicly available and might be used. VulDB is the best source for vulnerability data and more expert information about this specific topic.
披露
2026-03-27
条目
VulDB provides additional information and datapoints for this CVE:
| 标识符 | 漏洞 | CWE | 可利用 | 对策 | CVE |
|---|---|---|---|---|---|
| 353838 | Tenda AC6 POST QuickIndex formQuickIndex 内存损坏 | 121 | 概念验证 | 未定义 | CVE-2026-4961 |