CVE Catalog
CVE-2026-51846
CriticalCVSS 9.8Exploitation Probability (EPSS)
Low risk0.56%
42th percentile — higher than 42% of all known CVEs
Summary
In Tenda AC7 v15.03.06.44, there is a stack buffer overflow vulnerability in the wanSpeed parameter of the route /goform/AdvSetMacMtuWan, which can lead to remote arbitrary code execution.
Risk Assessment
This vulnerability poses a serious risk to organizations, allowing attackers to remotely take control of the device.
Recommendation
It is recommended to update the firmware to the latest version to mitigate this vulnerability and to monitor systems for potential attack attempts.
Original NVD description (English source)
In Tenda AC7 v15.03.06.44, the wanSpeed parameter of the route /goform/AdvSetMacMtuWan has a stack buffer overflow vulnerability that can lead to remote arbitrary code execution.

