Dismissed
Permalink
CVE-2026-2192
7.2 HIGH
- CVSS version: 3.1
- Attack vector (AV):
- Attack complexity (AC):
- Privileges required (PR):
- User interaction (UI):
- Scope (S):
- Confidentiality impact (C):
- Integrity impact (I):
- Availability impact (A):
by @jopejoe1 Activity log
- Created automatic suggestion
- @jopejoe1 removed package vimPlugins.nvim-treesitter-parsers.kconfig
- @jopejoe1 dismissed
Tenda AC9 formGetRebootTimer stack-based overflow
A security vulnerability has been detected in Tenda AC9 15.03.06.42_multi. Affected by this vulnerability is the function formGetRebootTimer. Such manipulation of the argument sys.schedulereboot.start_time/sys.schedulereboot.end_time leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed publicly and may be used.
References
- VDB-344895 | Tenda AC9 formGetRebootTimer stack-based overflow vdb-entry technical-description
- VDB-344895 | CTI Indicators (IOB, IOC, IOA) signature permissions-required
- Submit #749801 | Tenda AC9 v1.0/V3.0 V15.03.06.42_multi Stack-based Buffer Overflow third-party-advisory
- https://github.com/glkfc/IoT-Vulnerability/blob/main/Tenda/tenda4.md exploit
- https://www.tenda.com.cn/ product
- VDB-344895 | Tenda AC9 formGetRebootTimer stack-based overflow vdb-entry technical-description
- VDB-344895 | CTI Indicators (IOB, IOC, IOA) signature permissions-required
- Submit #749801 | Tenda AC9 v1.0/V3.0 V15.03.06.42_multi Stack-based Buffer Overflow third-party-advisory
- https://github.com/glkfc/IoT-Vulnerability/blob/main/Tenda/tenda4.md exploit
- https://www.tenda.com.cn/ product
Affected products
AC9
- ==15.03.06.42_multi