Home / Vulnerability Intelligence / CVE-2026-4489

CVE-2026-4489 - Vulnerability Analysis

HighCVSS: 8.8

Last Updated: March 20, 2026

Tenda A18 Pro - Buffer Overflow

Published: March 20, 2026Updated: March 20, 2026Remote Exploitable

Overview

Tenda A18 Pro 02.03.02.28 contains a stack-based buffer overflow caused by manipulation of form_fast_setting_wifi_set in /goform/fast_setting_wifi_set, letting remote attackers cause denial of service or execute code, exploit requires crafted request.

Severity & Score

Severity: High

CVSS Score: 8.8

EPSS Score: 4.6%(Probability of exploitation in next 30 days)

Impact

Remote attackers can cause denial of service or execute arbitrary code, potentially compromising the device.

Mitigation

Update to the latest firmware version.

References

Social Media Activity(1 post)

TheHackerWire

@thehackerwire

Mar 20, 2026

🟠 CVE-2026-4489 - High (8.8) A vulnerability was detected in Tenda A18 Pro 02.03.02.28. This vulnerability affects the function form_fast_setting_wifi_set of the file /goform/fast_setting_wifi_set. The manipulation results in stack-based buffer overflow. The attack may be lau... 🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-4489/ #CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

View original post

Related Resources

Details

CVE ID: CVE-2026-4489
Severity: High
CVSS Score: 8.8
Type: buffer_overflow
Status: new
EPSS: 4.6%
Social Posts: 1

CWE

CWE-119

CVSS Metrics

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS Score

4.6%Probability of exploitation in the next 30 days