Cyber Resilience

CVE-2026-4567

HighPublic PoC

Published: 23 March 2026

Published
23 March 2026
Modified
02 April 2026
KEV Added
Patch
CVSS Score v4 8.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
EPSS Score 0.0369 88.3th percentile
Risk Priority 55 floored blend · peak EPSS

Summary

CVE-2026-4567 is a high-severity Improper Restriction of Operations within the Bounds of a Memory Buffer (CWE-119) vulnerability in Tenda A15 Firmware. Its CVSS base score is 8.9 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked in the top 11.7% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.

The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-16 (Memory Protection).

Deeper analysis

CVE-2026-4567 is a stack-based buffer overflow vulnerability affecting the Tenda A15 router on firmware version 15.13.07.13. The issue resides in the UploadCfg function of the /cgi-bin/UploadCfg file, where manipulation of the File argument triggers the overflow. Published on 2026-03-23, it is associated with CWEs-119 (Improper Restriction of Operations within the Bounds of a Memory Buffer) and CWE-121 (Stack-based Buffer Overflow).

The vulnerability enables remote exploitation without authentication, as indicated by its CVSS v3.1 base score of 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H). Attackers require only network access and can initiate the attack with low complexity, achieving high impacts on confidentiality, integrity, and availability. Successful exploitation may allow arbitrary code execution, potentially leading to full router compromise.

Advisories and exploit details are documented in references including a GitHub issue at https://github.com/942384053/cve/issues/3, a ZIP file containing an unauthenticated stack-based buffer overflow exploit at https://github.com/user-attachments/files/25824036/Tenda.A15.V15.13.07.13.Unauthenticated.Stack-based.Buffer.Overflow.in._cgi-bin_UploadCfg.zip, and VulDB entries at https://vuldb.com/?ctiid.352404, https://vuldb.com/?id.352404, and https://vuldb.com/?submit.775156. The public disclosure of the exploit heightens the risk of active exploitation.

EU & UK References

Vulnerability details

A vulnerability has been found in Tenda A15 15.13.07.13. The impacted element is the function UploadCfg of the file /cgi-bin/UploadCfg. The manipulation of the argument File leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has…

more

been disclosed to the public and may be used.

CWE(s)

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

T1190 Exploit Public-Facing Application Initial Access
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
Why these techniques?

The vulnerability is a stack-based buffer overflow in a public-facing web CGI endpoint (/cgi-bin/UploadCfg) on a router, enabling unauthenticated remote code execution, directly mapping to exploitation of public-facing applications.

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

CVEs Like This One

CVE-2025-12619Same product: Tenda A15
CVE-2026-2886Same vendor: Tenda
CVE-2025-8017Same vendor: Tenda
CVE-2025-14665Same vendor: Tenda
CVE-2026-5604Same vendor: Tenda
CVE-2025-11386Same vendor: Tenda
CVE-2025-7792Same vendor: Tenda
CVE-2025-15231Same vendor: Tenda
CVE-2026-2907Same vendor: Tenda
CVE-2026-7035Same vendor: Tenda

Affected Assets

tenda
a15 firmware
15.13.07.13

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

Directly addresses the stack-based buffer overflow by requiring validation of the File argument in the UploadCfg function to prevent improper memory operations.

prevent

Implements memory safeguards like stack canaries or DEP to protect against exploitation of the buffer overflow for arbitrary code execution.

prevent

Requires timely identification and patching of the specific buffer overflow flaw in the Tenda A15 firmware to eliminate the vulnerability.

References