Vulnerability Details CVE-2026-2930
A vulnerability was identified in Tenda A18 15.13.07.13. The affected element is the function webCgiGetUploadFile of the file /cgi-bin/UploadCfg of the component Httpd Service. Such manipulation of the argument boundary leads to stack-based buffer overflow. The attack can be executed remotely. The exploit is publicly available and might be used.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 18.6%
CVSS Severity
CVSS v3 Score 6.3
CVSS v2 Score 6.5
References
Products affected by CVE-2026-2930
-
cpe:2.3:h:tenda:a18:-
-
cpe:2.3:o:tenda:a18_firmware:15.13.07.13