https://feed.craftedsignal.io/tags/cve-2026-4975/Trending threats, MITRE ATT&CK coverage, and detection metadata — refreshed continuously.Hugoenhello@craftedsignal.iohello@craftedsignal.ioSat, 28 Mar 2026 12:00:00 +0000https://feed.craftedsignal.io/briefs/2026-03-tenda-ac15-bo/Sat, 28 Mar 2026 12:00:00 +0000hello@craftedsignal.iohttps://feed.craftedsignal.io/briefs/2026-03-tenda-ac15-bo/A stack-based buffer overflow vulnerability (CVE-2026-4975) exists in the Tenda AC15 router version 15.03.05.19, allowing remote attackers to execute arbitrary code by manipulating the 'funcpara1' argument in a POST request to /goform/setcfm.CVE-2026-4975 is a critical security vulnerability affecting Tenda AC15 routers running firmware version 15.03.05.19. This vulnerability resides in the formSetCfm function, specifically within the /goform/setcfm file, which handles POST requests. An attacker can exploit a stack-based buffer overflow by sending a crafted POST request with a malicious payload in the funcpara1 argument. The vulnerability is remotely exploitable, meaning an attacker does not need local access to the device…

]]>criticaladvisorytendarouterbuffer overflowcve-2026-4975