Dismissed
Permalink
CVE-2026-3400
8.8 HIGH
- CVSS version: 3.1
- Attack vector (AV):
- Attack complexity (AC):
- Privileges required (PR):
- User interaction (UI):
- Scope (S):
- Confidentiality impact (C):
- Integrity impact (I):
- Availability impact (A):
by @LeSuisse Activity log
- Created automatic suggestion
- @LeSuisse removed package vimPlugins.nvim-treesitter-parsers.regex
- @LeSuisse dismissed
Tenda AC15 TextEditingConversion stack-based overflow
A security flaw has been discovered in Tenda AC15 up to 15.13.07.13. Affected by this issue is some unknown functionality of the file /goform/TextEditingConversion. The manipulation of the argument wpapsk_crypto2_4g results in stack-based buffer overflow. The attack may be launched remotely. The exploit has been released to the public and may be used for attacks.
References
- VDB-348295 | Tenda AC15 TextEditingConversion stack-based overflow vdb-entry technical-description
- VDB-348295 | CTI Indicators (IOB, IOC, IOA) signature permissions-required
- Submit #760109 | Tenda A15 V15.13.07.13 Stack-based Buffer Overflow third-party-advisory
- https://www.yuque.com/ba1ma0-an29k/nnxoap/tzg68iadbmqx6esm?singleDoc# exploit
- https://www.tenda.com.cn/ product
Affected products
AC15
- ==15.13.07.0
- ==15.13.07.5
- ==15.13.07.9
- ==15.13.07.4
- ==15.13.07.10
- ==15.13.07.1
- ==15.13.07.11
- ==15.13.07.12
- ==15.13.07.3
- ==15.13.07.2
- ==15.13.07.13
- ==15.13.07.8
- ==15.13.07.7
- ==15.13.07.6
Ignored packages (1)
pkgs.vimPlugins.nvim-treesitter-parsers.regex
Tree-sitter grammar for regex
-
nixos-unstable 0.0.0+rev=b2ac15e
- nixpkgs-unstable 0.0.0+rev=b2ac15e
- nixos-unstable-small 0.0.0+rev=b2ac15e