Security Advisory

CVE-2026-4960

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2026-03-27 16:09:34

Last updated 2026-03-27 22:07:09

Assigner VulDB

State PUBLISHED

Description

A vulnerability was determined in Tenda AC6 15.03.05.16. Affected is the function fromWizardHandle of the file /goform/WizardHandle of the component POST Request Handler. Executing a manipulation of the argument WANT/WANS can lead to stack-based buffer overflow. The attack can be executed remotely. The exploit has been publicly disclosed and may be utilized.

← Browse all CVEs View on cve.org ↗