{"description":"Trending threats, MITRE ATT\u0026CK coverage, and detection metadata — refreshed continuously.","feed_url":"https://feed.craftedsignal.io/tags/cve-2026-5046/","home_page_url":"https://feed.craftedsignal.io/","items":[{"_cs_actors":[],"_cs_cves":[],"_cs_exploited":false,"_cs_products":[],"_cs_severities":["critical"],"_cs_tags":["CVE-2026-5046","tenda","buffer-overflow","router"],"_cs_type":"advisory","_cs_vendors":[],"content_html":"\u003cp\u003eCVE-2026-5046 is a stack-based buffer overflow vulnerability affecting Tenda FH1201 routers running firmware version 1.2.0.14(408). The vulnerability resides within the \u003ccode\u003eformWrlExtraSet\u003c/code\u003e function of the \u003ccode\u003e/goform/WrlExtraSet\u003c/code\u003e component, specifically in the handling of the \u003ccode\u003eGO\u003c/code\u003e argument. A remote attacker can exploit this flaw by sending a crafted HTTP request with a maliciously oversized \u003ccode\u003eGO\u003c/code\u003e parameter, overwriting the stack and potentially gaining arbitrary code execution on the device. The…\u003c/p\u003e\n","date_modified":"2026-03-29T15:16:36Z","date_published":"2026-03-29T15:16:36Z","id":"/briefs/2026-03-tenda-overflow/","summary":"A stack-based buffer overflow vulnerability (CVE-2026-5046) in Tenda FH1201 version 1.2.0.14(408) allows remote attackers to execute arbitrary code by manipulating the GO argument in the formWrlExtraSet function of the /goform/WrlExtraSet component.","title":"Tenda FH1201 Stack-Based Buffer Overflow Vulnerability (CVE-2026-5046)","url":"https://feed.craftedsignal.io/briefs/2026-03-tenda-overflow/"}],"language":"en","title":"CraftedSignal Threat Feed — CVE-2026-5046","version":"https://jsonfeed.org/version/1.1"}