Tenda AC15 Stack-Based Buffer Overflow Vulnerability (CVE-2026-4975)
A stack-based buffer overflow vulnerability (CVE-2026-4975) exists in the Tenda AC15 router version 15.03.05.19, allowing remote attackers to execute arbitrary code by manipulating the 'funcpara1' argument in a POST request to /goform/setcfm.
CVE-2026-4975 is a critical security vulnerability affecting Tenda AC15 routers running firmware version 15.03.05.19. This vulnerability resides in the formSetCfm function, specifically within the /goform/setcfm file, which handles POST requests. An attacker can exploit a stack-based buffer overflow by sending a crafted POST request with a malicious payload in the funcpara1 argument. The vulnerability is remotely exploitable, meaning an attacker does not need local access to the device…
Detection coverage 2
Detect Tenda AC15 setcfm Buffer Overflow Attempt via POST Request
highDetects potential exploitation attempts of the Tenda AC15 stack-based buffer overflow vulnerability (CVE-2026-4975) by monitoring for abnormally long funcpara1 arguments in POST requests to /goform/setcfm.
Detect Tenda AC15 setcfm Access from External IP
mediumDetects access to the Tenda AC15 /goform/setcfm endpoint from an external IP address, which might indicate unauthorized attempts to configure the router remotely.
Detection queries are kept inside the platform. Get full rules →