CVE-2026-51846
published 2026-06-19CVE-2026-51846: In Tenda AC7 v15.03.06.44, the wanSpeed parameter of the route /goform/AdvSetMacMtuWan has a stack buffer overflow vulnerability that can lead to remote…
PriorityP263critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
EPSS
0.56%
42.4th percentile
In Tenda AC7 v15.03.06.44, the wanSpeed parameter of the route /goform/AdvSetMacMtuWan has a stack buffer overflow vulnerability that can lead to remote arbitrary code execution.
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
VulDB
Tenda AC7 15.03.06.44 /goform/AdvSetMacMtuWan wanSpeed stack-based overflow
vuldb·2026-06-19
CVE-2026-51846 [CRITICAL] Tenda AC7 15.03.06.44 /goform/AdvSetMacMtuWan wanSpeed stack-based overflow
A vulnerability marked as critical has been reported in Tenda AC7 15.03.06.44. The impacted element is an unknown function of the file /goform/AdvSetMacMtuWan. The manipulation of the argument wanSpeed leads to stack-based buffer overflow.
This vulnerability is uniquely identified as CVE-2026-51846. The attack is possible to be carried out remotely. No exploit exists.
GHSA
In Tenda AC7 v15.03.06.44, the wanSpeed parameter of the route /goform/AdvSetMacMtuWan has a stack buffer overflow vulnerability that can lead to remote arbitrary code execution.
ghsa_unreviewed·2026-06-19
CVE-2026-51846 In Tenda AC7 v15.03.06.44, the wanSpeed parameter of the route /goform/AdvSetMacMtuWan has a stack buffer overflow vulnerability that can lead to remote arbitrary code execution.
In Tenda AC7 v15.03.06.44, the wanSpeed parameter of the route /goform/AdvSetMacMtuWan has a stack buffer overflow vulnerability that can lead to remote arbitrary code execution.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2026-06-19
Published