CVE-2026-3044 - Vulnerability Analysis
HighCVSS: 8.8Last Updated: February 24, 2026
Tenda AC8 - Buffer Overflow
Overview
Tenda AC8 16.03.34.06 contains a stack-based buffer overflow caused by manipulation of the "boundary" argument in /cgi-bin/UploadCfg Httpd Service, letting remote attackers execute arbitrary code, exploit requires crafted request.
Severity & Score
Impact
Remote attackers can execute arbitrary code, potentially leading to full system compromise.
Mitigation
Update to the latest version.
References
Social Media Activity(3 posts)
šØ CVE-2026-3044: HIGH severity stack buffer overflow in Tenda AC8 (16.03.34.06) ā remote exploit published! Restrict /cgi-bin/UploadCfg, monitor traffic, and disable remote mgmt. Await patches or consider device replacement. https://radar.offseq.com/threat/cve-2026-3044-stack-based-buffer-overflow-in-tenda-c3428cc0 #OffSeq #Vuln #Tenda
View original post
šØ CVE-2026-3044: HIGH severity stack buffer overflow in Tenda AC8 (16.03.34.06) ā remote exploit published! Restrict /cgi-bin/UploadCfg, monitor traffic, and disable remote mgmt. Await patches or consider device replacement. https://radar.offseq.com/threat/cve-2026-3044-stack-based-buffer-overflow-in-tenda-c3428cc0 #OffSeq #Vuln #Tenda
View original post
š CVE-2026-3044 - High (8.8) A vulnerability has been found in Tenda AC8 16.03.34.06. This affects the function webCgiGetUploadFile of the file /cgi-bin/UploadCfg of the component Httpd Service. The manipulation of the argument boundary leads to stack-based buffer overflow. I... š https://www.thehackerwire.com/vulnerability/CVE-2026-3044/ #CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
View original postRelated Resources
Details
- CVE ID
- CVE-2026-3044
- Severity
- High
- CVSS Score
- 8.8
- Type
- buffer_overflow
- Status
- confirmed
- EPSS
- 4.6%
- Social Posts
- 3
CWE
- CWE-119
CVSS Metrics
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H