ID

VAR-202604-3433


CVE

CVE-2026-6015


TITLE

Shenzhen Tenda Technology Co.,Ltd. of AC9  Multiple vulnerabilities in firmware

Trust: 0.8

sources: JVNDB: JVNDB-2026-013783

DESCRIPTION

A vulnerability has been found in Tenda AC9 15.03.02.13. Impacted is the function formQuickIndex of the file /goform/QuickIndex of the component POST Request Handler. Such manipulation of the argument PPPOEPassword leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. An exploit is publicly available and can be exploited in the wild.All information handled by the software may be leaked to the outside. All information handled by the software may be rewritten. Furthermore, the software may stop working completely. Furthermore, attacks that exploit this vulnerability will not affect other software

Trust: 1.62

sources: NVD: CVE-2026-6015 // JVNDB: JVNDB-2026-013783

AFFECTED PRODUCTS

vendor:tendamodel:ac9scope:eqversion:15.03.02.13

Trust: 1.0

vendor:tendamodel:ac9scope:eqversion:ac9 firmware 15.03.02.13

Trust: 0.8

vendor:tendamodel:ac9scope: - version: -

Trust: 0.8

vendor:tendamodel:ac9scope:eqversion: -

Trust: 0.8

sources: JVNDB: JVNDB-2026-013783 // NVD: CVE-2026-6015

CVSS

SEVERITY

CVSSV2

CVSSV3

cna@vuldb.com: CVE-2026-6015
value: HIGH

Trust: 1.0

OTHER: JVNDB-2026-013783
value: HIGH

Trust: 0.8

cna@vuldb.com: CVE-2026-6015
severity: HIGH
baseScore: 9.0
vectorString: AV:N/AC:L/AU:S/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 8.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.0

OTHER: JVNDB-2026-013783
severity: HIGH
baseScore: 9.0
vectorString: AV:N/AC:L/AU:S/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: NONE
impactScore: NONE
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.8

cna@vuldb.com: CVE-2026-6015
baseSeverity: HIGH
baseScore: 8.8
vectorString: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 2.8
impactScore: 5.9
version: 3.1

Trust: 1.0

OTHER: JVNDB-2026-013783
baseSeverity: HIGH
baseScore: 8.8
vectorString: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: JVNDB: JVNDB-2026-013783 // NVD: CVE-2026-6015

PROBLEMTYPE DATA

problemtype:CWE-119

Trust: 1.0

problemtype:CWE-121

Trust: 1.0

problemtype:Buffer error (CWE-119) [ others ]

Trust: 0.8

problemtype: Stack-based buffer overflow (CWE-121) [ others ]

Trust: 0.8

sources: JVNDB: JVNDB-2026-013783 // NVD: CVE-2026-6015

PATCH

title://vuldb.com/vuln/356571url:https://lavender-bicycle-a5a.notion.site/Tenda-AC9-QuickIndex-33153a41781f80458940f212f150a4fb?source=copy_link

Trust: 0.8

sources: JVNDB: JVNDB-2026-013783

EXTERNAL IDS

db:NVDid:CVE-2026-6015

Trust: 2.6

db:JVNDBid:JVNDB-2026-013783

Trust: 0.8

sources: JVNDB: JVNDB-2026-013783 // NVD: CVE-2026-6015

REFERENCES

url:https://www.tenda.com.cn/

Trust: 1.8

url:https://vuldb.com/vuln/356571/cti

Trust: 1.0

url:https://vuldb.com/vuln/356571

Trust: 1.0

url:https://lavender-bicycle-a5a.notion.site/tenda-ac9-quickindex-33153a41781f80458940f212f150a4fb?source=copy_link

Trust: 1.0

url:https://vuldb.com/submit/791828

Trust: 1.0

url:https://nvd.nist.gov/vuln/detail/cve-2026-6015

Trust: 0.8

sources: JVNDB: JVNDB-2026-013783 // NVD: CVE-2026-6015

SOURCES

db:JVNDBid:JVNDB-2026-013783
db:NVDid:CVE-2026-6015

LAST UPDATE DATE

2026-06-19T23:02:17.406000+00:00


SOURCES UPDATE DATE

db:JVNDBid:JVNDB-2026-013783date:2026-05-01T01:42:00
db:NVDid:CVE-2026-6015date:2026-04-30T14:03:13.137

SOURCES RELEASE DATE

db:JVNDBid:JVNDB-2026-013783date:2026-05-01T00:00:00
db:NVDid:CVE-2026-6015date:2026-04-10T06:16:06.510