NVD HIGH: CVE-2026-5036 — A vulnerability was found in Tenda 4G06 04.06.01.29. This vulnerability affects ...

Sunday, March 29, 2026 at 08:15 AM UTC·Source: NIST NVD

Updated: Friday, April 3, 2026 at 09:52 PM UTC

Executive Summary

A vulnerability was found in Tenda 4G06 04.06.01.29. This vulnerability affects the function fromDhcpListClient of the file /goform/DhcpListClient of the component Endpoint. Performing a manipulation of the argument page results in stack-based buffer overflow. The attack can be initiated remotely. The exploit has been made public and could be used.

Analysis

Indicators of Compromise (2)

CVE (1)

CVE-2026-5036

NVD MITRE CVE

IPv4 (1)

04.06.01.29

VirusTotal Shodan AbuseIPDB

Source Attribution

Originally published by NIST NVD on Mar 29, 2026. Verified by: NIST.

Related Threats

MEDIUMVulnerability

Inconsistent Privacy Labels Don't Tell Users What They Are Getting

Data privacy labels are a great idea for mobile apps, but the current versions just aren't good enough.

3h agoDark Reading

MEDIUMVulnerability

LinkedIn secretely scans for 6,000+ Chrome extensions, collects data

A new report dubbed "BrowserGate" warns that Microsoft's LinkedIn is using hidden JavaScript scripts on its website to scan visitors' browsers for installed extensions and collect device data. [...]

4h agoBleepingComputer

MEDIUMVulnerability

FCC proposes $4.5 million fine for voice service provider hosting ‘suspicious’ foreign call traffic

Voxbeam’s actions allegedly led to “financial impersonation robocalls” that were made to American consumers “ using “non-compliant and long dormant accounts,” the FCC said.

4h agoThe Record