https://feed.craftedsignal.io/tags/cve-2026-4905/Trending threats, MITRE ATT&CK coverage, and detection metadata — refreshed continuously.Hugoenhello@craftedsignal.iohello@craftedsignal.ioFri, 27 Mar 2026 00:16:24 +0000https://feed.craftedsignal.io/briefs/2026-03-tenda-ac5-overflow/Fri, 27 Mar 2026 00:16:24 +0000hello@craftedsignal.iohttps://feed.craftedsignal.io/briefs/2026-03-tenda-ac5-overflow/A stack-based buffer overflow vulnerability (CVE-2026-4905) exists in Tenda AC5 firmware version 15.03.06.47 allowing remote attackers to execute arbitrary code by manipulating the 'index' argument in a POST request to the /goform/WifiWpsOOB endpoint.A stack-based buffer overflow vulnerability, identified as CVE-2026-4905, has been discovered in Tenda AC5 home routers running firmware version 15.03.06.47. The vulnerability resides within the formWifiWpsOOB function in the /goform/WifiWpsOOB file, which handles POST requests. Attackers can remotely exploit this flaw by crafting a malicious POST request to this endpoint, specifically targeting the index argument. Successful exploitation leads to arbitrary code execution on the device…

]]>criticaladvisorybuffer-overflowtendaroutercve-2026-4905