Tenda A15 Router Stack-Based Buffer Overflow (CVE-2026-4567)
A stack-based buffer overflow vulnerability (CVE-2026-4567) exists in the UploadCfg function of the /cgi-bin/UploadCfg file in Tenda A15 firmware version 15.13.07.13, allowing remote attackers to execute arbitrary code by manipulating the File argument.
A critical stack-based buffer overflow vulnerability, identified as CVE-2026-4567, has been discovered in Tenda A15 wireless routers running firmware version 15.13.07.13. The vulnerability resides in the UploadCfg function within the /cgi-bin/UploadCfg file, which handles file uploads. A remote attacker can exploit this flaw by crafting a malicious request to the router, specifically targeting the File argument, to overwrite the stack buffer and potentially gain arbitrary code execution…
Detection coverage 2
Detect Suspicious Tenda UploadCfg Requests
criticalDetects suspicious POST requests to the /cgi-bin/UploadCfg endpoint on Tenda routers, potentially indicating exploitation attempts of CVE-2026-4567.
Detect Access to Tenda Exploit Download URL
highDetects network connections to the URL hosting the Tenda exploit.
Detection queries are kept inside the platform. Get full rules →
Indicators of compromise
1
6
url