NVD HIGH: CVE-2026-5204 — A vulnerability was determined in Tenda CH22 1.0.0.1. Affected is the function f...

Tuesday, March 31, 2026 at 04:16 PM UTC·Source: NIST NVD

Updated: Monday, April 6, 2026 at 08:17 AM UTC

Executive Summary

A vulnerability was determined in Tenda CH22 1.0.0.1. Affected is the function formWebTypeLibrary of the file /goform/webtypelibrary of the component Parameter Handler. This manipulation of the argument webSiteId causes stack-based buffer overflow. The attack can be initiated remotely. The exploit has been publicly disclosed and may be utilized.

Analysis

Indicators of Compromise (2)

CVE (1)

CVE-2026-5204

NVD MITRE CVE

IPv4 (1)

1.0.0.1

VirusTotal Shodan AbuseIPDB

Source Attribution

Originally published by NIST NVD on Mar 31, 2026. Verified by: NIST.

Related Threats

MEDIUMVulnerabilityNEW

Coinbase wins conditional approval for national trust bank charter

Coinbase is the latest digital asset firm to receive conditional approval from US regulators for a national trust bank charter.

Just nowFinextra

LOWVulnerabilityNEW

Businesses ready to embrace AI-to-AI commerce, consumers more wary - Visa survey

AI-to-AI commerce looks poised to scale, with more than half of US businesses willing to allow agents to negotiate prices and terms directly with other agents on their behalf, according to a survey from Visa.

Just nowFinextra

CRITICALVulnerabilityNEW

Trump's Budget Proposal Would Slash CISA After Bruising Year

<img src="https://ismg-cdn.nyc3.cdn.digitaloceanspaces.com/articles/trumps-budget-proposal-would-slash-cisa-after-bruising-year-image_small-6-a-31352.jpg" align=right hspace=4><b>White House Criticizes Cyber Defense Agency - and Proposes a Steep $700 Million Cut</b><br>The FY2027 proposal would cut roughly $707 million from CISA, reducing staffing, contractor support and coordination programs whil

30m agoBank Info Security