LeakyCreds
NewInstant webhook alerts now available ā€” notified within seconds of any credential detection.Learn more ā†’
Home / Vulnerability Intelligence / CVE-2026-5550

CVE-2026-5550 - Vulnerability Analysis

HighCVSS: 8.8

Last Updated: April 5, 2026

Tenda AC10 - Buffer Overflow

Published: April 5, 2026Updated: April 5, 2026Remote Exploitable

Overview

Tenda AC10 16.03.10.10_multi_TDE01 contains a stack-based buffer overflow caused by manipulation in fromSysToolChangePwd function in /bin/httpd, letting remote attackers cause memory corruption, exploit requires no special privileges.

Severity & Score

Severity: High
CVSS Score: 8.8
EPSS Score: 4.6%(Probability of exploitation in next 30 days)

Impact

Remote attackers can cause memory corruption leading to potential remote code execution or system crash.

Mitigation

Update to the latest firmware version provided by Tenda.

References

Social Media Activity(4 posts)

OffSequence
OffSequence
@offseq
Apr 5, 2026

šŸ”Ž HIGH severity: Tenda AC10 (v16.03.10.10_multi_TDE01) has a stack buffer overflow (CVE-2026-5550) in /bin/httpd. Remote code execution possible. No patch yet ā€” restrict remote mgmt & monitor closely. https://radar.offseq.com/threat/cve-2026-5550-stack-based-buffer-overflow-in-tenda-a47995aa #OffSeq #infosec #CVE2026_5550

View original post
TheHackerWire
TheHackerWire
@thehackerwire
Apr 5, 2026

šŸŸ  CVE-2026-5550 - High (8.8) A vulnerability was identified in Tenda AC10 16.03.10.10_multi_TDE01. This affects the function fromSysToolChangePwd of the file /bin/httpd. The manipulation leads to stack-based buffer overflow. The attack may be initiated remotely. Multiple endp... šŸ”— https://www.thehackerwire.com/vulnerability/CVE-2026-5550/ #CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

View original post
OffSequence
OffSequence
@offseq
Apr 5, 2026

šŸ”Ž HIGH severity: Tenda AC10 (v16.03.10.10_multi_TDE01) has a stack buffer overflow (CVE-2026-5550) in /bin/httpd. Remote code execution possible. No patch yet ā€” restrict remote mgmt & monitor closely. https://radar.offseq.com/threat/cve-2026-5550-stack-based-buffer-overflow-in-tenda-a47995aa #OffSeq #infosec #CVE2026_5550

View original post
TheHackerWire
TheHackerWire
@thehackerwire
Apr 5, 2026

šŸŸ  CVE-2026-5550 - High (8.8) A vulnerability was identified in Tenda AC10 16.03.10.10_multi_TDE01. This affects the function fromSysToolChangePwd of the file /bin/httpd. The manipulation leads to stack-based buffer overflow. The attack may be initiated remotely. Multiple endp... šŸ”— https://www.thehackerwire.com/vulnerability/CVE-2026-5550/ #CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

View original post

Related Resources

Details

CVE ID
CVE-2026-5550
Severity
High
CVSS Score
8.8
Type
buffer_overflow
Status
new
EPSS
4.6%
Social Posts
4

CWE

  • CWE-119

CVSS Metrics

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS Score

4.6%Probability of exploitation in the next 30 days