CVE Catalog

CVE-2026-51846

CriticalCVSS 9.8
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.56%

42th percentile — higher than 42% of all known CVEs

Summary

In Tenda AC7 v15.03.06.44, there is a stack buffer overflow vulnerability in the wanSpeed parameter of the route /goform/AdvSetMacMtuWan, which can lead to remote arbitrary code execution.

Risk Assessment

This vulnerability poses a serious risk to organizations, allowing attackers to remotely take control of the device.

Recommendation

It is recommended to update the firmware to the latest version to mitigate this vulnerability and to monitor systems for potential attack attempts.

Original NVD description (English source)

In Tenda AC7 v15.03.06.44, the wanSpeed parameter of the route /goform/AdvSetMacMtuWan has a stack buffer overflow vulnerability that can lead to remote arbitrary code execution.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS