CVE-2026-51843
Received Received - Intake
Stack Buffer Overflow in Tenda AC7 Router Firmware

Publication date: 2026-06-19

Last updated on: 2026-06-19

Assigner: MITRE

Description
Tenda AC7 v15.03.06.44 contains a stack buffer overflow vulnerability in the /goform/AdvSetMacMtuWan interface via the wanMTU parameter.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-06-19
Last Modified
2026-06-19
Generated
2026-06-19
AI Q&A
2026-06-19
EPSS Evaluated
N/A
NVD
CVE-2026-51843
EUVD
EUVD-2026-38049
Affected Vendors & Products
Showing 2 associated CPEs
Vendor Product Version / Range
tenda ac7 15.03.06.44
tenda ac7 From 15.03.06.44 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-UNKNOWN
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

CVE-2026-51843 is a stack buffer overflow vulnerability found in Tenda AC7 routers running firmware version V15.03.06.44 and possibly earlier versions.

The vulnerability exists in the /goform/AdvSetMacMtuWan interface, specifically in the handling of the wanMTU parameter.

The issue arises because the wanMTU parameter is copied into a stack buffer using the unsafe strcpy function without proper length validation.

This allows an attacker to send a maliciously long wanMTU value, causing a stack overflow.

Impact Analysis

Exploitation of this vulnerability can lead to denial-of-service attacks, making the affected router unavailable.

More critically, it can allow remote arbitrary code execution, meaning an attacker could potentially take control of the device remotely.

Detection Guidance

This vulnerability can be detected by monitoring for HTTP POST requests to the /goform/AdvSetMacMtuWan endpoint containing unusually long or malformed wanMTU parameter values.

A practical detection method is to capture and analyze network traffic for such requests.

  • Use a network packet capture tool like tcpdump or Wireshark to filter HTTP POST requests to /goform/AdvSetMacMtuWan.
  • Example tcpdump command: tcpdump -i <interface> -A 'tcp port 80 and (((ip[2:2] - ((ip[0]&0xf)<<2)) - ((tcp[12]&0xf0)>>2)) != 0)' | grep '/goform/AdvSetMacMtuWan'
  • Inspect captured HTTP POST data for the wanMTU parameter and check for abnormally long values that could trigger the buffer overflow.
Mitigation Strategies

Immediate mitigation steps include restricting access to the vulnerable /goform/AdvSetMacMtuWan endpoint to trusted users only.

Additionally, monitor and block suspicious HTTP POST requests with unusually long wanMTU parameter values.

If possible, update the router firmware to a version where this vulnerability is patched or apply vendor-provided security updates.

As a temporary measure, consider disabling remote management features or placing the device behind a firewall that filters malicious traffic.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-51843. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart