Security Advisory

CVE-2026-4961

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2026-03-27 16:09:39

Last updated 2026-03-27 22:07:24

Assigner VulDB

State PUBLISHED

Description

A vulnerability was identified in Tenda AC6 15.03.05.16. Affected by this vulnerability is the function formQuickIndex of the file /goform/QuickIndex of the component POST Request Handler. The manipulation of the argument PPPOEPassword leads to stack-based buffer overflow. The attack is possible to be carried out remotely. The exploit is publicly available and might be used.

← Browse all CVEs View on cve.org ↗