CVE-2026-2191
published 2026-02-08CVE-2026-2191: A weakness has been identified in Tenda AC9 15.03.06.42_multi. Affected is the function formGetDdosDefenceList. This manipulation of the argument…
high7.3CVSS 4.0
AVNACLATNPRHUINVCHVIHVAHSCNSINSANEPCRXIRXARXMAVXMACXMATXMPRXMUIXMVCXMVIXMVAXMSCXMSIXMSAXSXAUXRXVXREXUX
A weakness has been identified in Tenda AC9 15.03.06.42_multi. Affected is the function formGetDdosDefenceList. This manipulation of the argument security.ddos.map causes stack-based buffer overflow. The attack may be initiated remotely. The exploit has been made available to the public and could be used for attacks.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| tenda | ac9 | — | — |
| tenda | ac9_firmware | — | — |