CVE-2026-3400
published 2026-03-02CVE-2026-3400: A security flaw has been discovered in Tenda AC15 up to 15.13.07.13. Affected by this issue is some unknown functionality of the file…
high7.4CVSS 4.0
AVNACLATNPRLUINVCHVIHVAHSCNSINSANEPCRXIRXARXMAVXMACXMATXMPRXMUIXMVCXMVIXMVAXMSCXMSIXMSAXSXAUXRXVXREXUX
A security flaw has been discovered in Tenda AC15 up to 15.13.07.13. Affected by this issue is some unknown functionality of the file /goform/TextEditingConversion. The manipulation of the argument wpapsk_crypto2_4g results in stack-based buffer overflow. The attack may be launched remotely. The exploit has been released to the public and may be used for attacks.
Affected
15 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| tenda | ac15 | — | — |
| tenda | ac15 | — | — |
| tenda | ac15 | — | — |
| tenda | ac15 | — | — |
| tenda | ac15 | — | — |
| tenda | ac15 | — | — |
| tenda | ac15 | — | — |
| tenda | ac15 | — | — |
| tenda | ac15 | — | — |
| tenda | ac15 | — | — |
| tenda | ac15 | — | — |
| tenda | ac15 | — | — |
| tenda | ac15 | — | — |
| tenda | ac15 | — | — |
| tenda | ac15_firmware | <= 15.13.07.13 | — |