CVE ID :CVE-2026-5154
Published : March 30, 2026, 11:17 p.m. | 1 hour, 19 minutes ago
Description :A vulnerability has been found in Tenda CH22 1.0.0.1/1.If. The impacted element is the function fromSetCfm of the file /goform/setcfm of the component Parameter Handler. The manipulation of the argument funcname leads to stack-based buffer overflow. Remote exploitation of the attack is possible. The exploit has been disclosed to the public and may be used.
Severity: 9.0 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
Published : March 30, 2026, 11:17 p.m. | 1 hour, 19 minutes ago
Description :A vulnerability has been found in Tenda CH22 1.0.0.1/1.If. The impacted element is the function fromSetCfm of the file /goform/setcfm of the component Parameter Handler. The manipulation of the argument funcname leads to stack-based buffer overflow. Remote exploitation of the attack is possible. The exploit has been disclosed to the public and may be used.
Severity: 9.0 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
🤖 AI-Generated Patch Solution
Google Gemini (gemini-2.5-flash) • CVE: CVE-2026-5154
Unknown
N/A
N/A
⚠️ Vulnerability Description:
1. IMMEDIATE ACTIONS
Immediately disconnect or isolate any systems running the vulnerable Enterprise Data Connector Library from the network to prevent further compromise. This includes blocking all external and unnecessary internal network access to ports used by the affected service.
Review system and application logs for any indicators of compromise (IOCs) dating back several weeks or months. Look for unusual process execution, new user accounts, unexpected network connections
💡 AI-generated — review with a security professional before acting.View on NVD →