Sign-up

ID

VAR-202603-2528


CVE

CVE-2026-4567


DESCRIPTION

A vulnerability has been found in Tenda A15 15.13.07.13. The impacted element is the function UploadCfg of the file /cgi-bin/UploadCfg. The manipulation of the argument File leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

Trust: 1.0

sources: NVD: CVE-2026-4567

AFFECTED PRODUCTS

vendor:tendamodel:a15scope:eqversion:15.13.07.13

Trust: 1.0

sources: NVD: CVE-2026-4567

CVSS

SEVERITY

CVSSV2

CVSSV3

cna@vuldb.com: CVE-2026-4567
value: HIGH

Trust: 1.0

cna@vuldb.com: CVE-2026-4567
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.0

cna@vuldb.com: CVE-2026-4567
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 5.9
version: 3.1

Trust: 1.0

sources: NVD: CVE-2026-4567

PROBLEMTYPE DATA

problemtype:CWE-121

Trust: 1.0

problemtype:CWE-119

Trust: 1.0

sources: NVD: CVE-2026-4567

EXTERNAL IDS

db:VULDBid:352404

Trust: 1.0

db:NVDid:CVE-2026-4567

Trust: 1.0

sources: NVD: CVE-2026-4567

REFERENCES

url:https://vuldb.com/?id.352404

Trust: 1.0

url:https://www.tenda.com.cn/

Trust: 1.0

url:https://vuldb.com/?submit.775156

Trust: 1.0

url:https://github.com/user-attachments/files/25824036/tenda.a15.v15.13.07.13.unauthenticated.stack-based.buffer.overflow.in._cgi-bin_uploadcfg.zip

Trust: 1.0

url:https://vuldb.com/?ctiid.352404

Trust: 1.0

url:https://github.com/942384053/cve/issues/3

Trust: 1.0

sources: NVD: CVE-2026-4567

SOURCES

db:NVDid:CVE-2026-4567

LAST UPDATE DATE

2026-04-02T23:36:50.370000+00:00


SOURCES UPDATE DATE

db:NVDid:CVE-2026-4567date:2026-04-02T12:11:41.987

SOURCES RELEASE DATE

db:NVDid:CVE-2026-4567date:2026-03-23T03:16:00.387