CVE-2026-4975

Tenda AC15 POST Request setcfm formSetCfm memory corruption

CVSS 8.7 HIGHEPSS 0.6%CWE-119 CWE-121

Vexday Risk Score

41Attention

SSVC decision (CISA)

Attend

PoC available → attend closely

CVSS 8.7EPSS 0.6%KEV nãoPoC públicaNuclei —Metasploit —Patch —

Lifecycle

27 Mar 2026Published on NVD

Recommendation: Plan a near-term fix — a public PoC already exists.

A vulnerability has been found in Tenda AC15 15.03.05.19. This affects the function formSetCfm of the file /goform/setcfm of the component POST Request Handler. The manipulation of the argument funcpara1 leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P

Affected products

Tenda · AC15

public PoCs found — 1

cve_referencelavender-bicycle-a5a.notion.site/Tenda-AC15-setcfm-32153a41781f807b8945dd8920fafc14?source=copy_linkunverified

⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://lavender-bicycle-a5a.notion.site/Tenda-AC15-setcfm-32153a41781f807b8945dd8920fafc14?source=copy_link https://vuldb.com/?ctiid.353862 https://vuldb.com/?id.353862 https://vuldb.com/?submit.778261 https://www.tenda.com.cn/