Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
8.7
Tenda AC10 Routers Can Be Crashed by Malicious Password Changes
CVE-2026-5550
Summary
A bug in the Tenda AC10's password change feature on certain routers can be exploited remotely, potentially causing the device to crash. This affects multiple devices. To fix this, update to a newer version of the router's firmware, if available.
Original title
A vulnerability was identified in Tenda AC10 16.03.10.10_multi_TDE01. This affects the function fromSysToolChangePwd of the file /bin/httpd. The manipulation leads to stack-based buffer overflow. T...
Original description
A vulnerability was identified in Tenda AC10 16.03.10.10_multi_TDE01. This affects the function fromSysToolChangePwd of the file /bin/httpd. The manipulation leads to stack-based buffer overflow. The attack may be initiated remotely. Multiple endpoints might be affected.
nvd CVSS2.0
9.0
nvd CVSS3.1
8.8
nvd CVSS4.0
8.7
Vulnerability type
CWE-119
Buffer Overflow
CWE-121
Stack-based Buffer Overflow
Published: 5 Apr 2026 · Updated: 5 Apr 2026 · First seen: 5 Apr 2026