CVE-2026-3400

HighPublic PoC

Published: 02 March 2026

Published

02 March 2026

Modified

03 March 2026

KEV Added

—

Patch

—

CVSS Score 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS Score 0.0016 36.4th percentile

Risk Priority 18 60% EPSS · 20% KEV · 20% CVSS

Description

A security flaw has been discovered in Tenda AC15 up to 15.13.07.13. Affected by this issue is some unknown functionality of the file /goform/TextEditingConversion. The manipulation of the argument wpapsk_crypto2_4g results in stack-based buffer overflow. The attack may be launched…

remotely. The exploit has been released to the public and may be used for attacks.

Mitigating Controls (NIST 800-53 r5)AI

SI-2 Flaw Remediation good match

preventrecover

Directly mitigates the buffer overflow by requiring timely remediation through firmware patching to versions beyond 15.13.07.13.

SI-10 Information Input Validation good match

prevent

Prevents exploitation by enforcing validation and sanitization of inputs like the wpapsk_crypto2_4g argument in /goform/TextEditingConversion to avoid stack overflows.

SI-16 Memory Protection good match

prevent

Implements memory protections such as stack canaries or DEP to block unauthorized memory access and execution from the stack-based buffer overflow.

Security SummaryAI

CVE-2026-3400 is a stack-based buffer overflow vulnerability affecting Tenda AC15 routers running firmware versions up to 15.13.07.13. The flaw resides in an unknown functionality of the /goform/TextEditingConversion file, where manipulation of the wpapsk_crypto2_4g argument triggers the overflow. It has a CVSS v3.1 base score of 8.8 (AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H) and is associated with CWEs 119 (Improper Restriction of Operations within the Bounds of a Memory Buffer), 121 (Stack-based Buffer Overflow), and 787 (Out-of-bounds Write). The vulnerability was published on 2026-03-02.

Attackers with low privileges (PR:L) can exploit this remotely over the network with low complexity and no user interaction required. Successful exploitation grants high impacts on confidentiality, integrity, and availability, potentially allowing arbitrary code execution on the affected device. An exploit has been publicly released, increasing the risk of real-world attacks against vulnerable Tenda AC15 routers.

Advisories and further details are available via VulDB entries at https://vuldb.com/?ctiid.348295, https://vuldb.com/?id.348295, and https://vuldb.com/?submit.760109, the Tenda website at https://www.tenda.com.cn/, and a related Yuque document at https://www.yuque.com/ba1ma0-an29k/nnxoap/tzg68iadbmqx6esm?singleDoc#. Security practitioners should consult these for patch information or mitigation guidance, such as firmware updates beyond 15.13.07.13.

Details

CWE(s): CWE-119 CWE-121 CWE-787

Affected Products

tenda

ac15 firmware

≤ 15.13.07.13

MITRE ATT&CK Enterprise TechniquesAI

T1190 Exploit Public-Facing Application Initial Access

Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.

attack.mitre.org →

Why these techniques?

Stack-based buffer overflow in the web interface (/goform/TextEditingConversion) of a public-facing Tenda AC15 router, remotely exploitable (AV:N/AC:L/PR:L/UI:N) for arbitrary code execution, directly enables Exploit Public-Facing Application (T1190).

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

References

https://vuldb.com/?ctiid.348295
Permissions Required, VDB Entry · cna@vuldb.com
https://vuldb.com/?id.348295
Third Party Advisory, VDB Entry · cna@vuldb.com
https://vuldb.com/?submit.760109
Third Party Advisory, VDB Entry · cna@vuldb.com
https://www.tenda.com.cn/
Product · cna@vuldb.com
https://www.yuque.com/ba1ma0-an29k/nnxoap/tzg68iadbmqx6esm?singleDoc#
Exploit, Third Party Advisory · cna@vuldb.com