CVE-2026-11493
5.0 MEDIUMA weakness has been identified in Tenda AC15 15.03.05.19
Published: 2026-06-08 · Last updated: 2026-06-08
Severity and scoring
- CVSS
- 5.0 MEDIUM
- Vector
- CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L
- CWE
- CWE-521
Description
A weakness has been identified in Tenda AC15 15.03.05.19. The impacted element is an unknown function of the file /etc_ro/smb.conf of the component Samba. Executing a manipulation can lead to weak password requirements. The attack is only possible within the local network. A high complexity level is associated with this attack. The exploitability is regarded as difficult. The exploit has been made available to the public and could be used for attacks.
Source: NVD
References
- [NVD]https://nvd.nist.gov/vuln/detail/CVE-2026-11493
- [Other]https://vuldb.com/cve/CVE-2026-11493
- [Other]https://vuldb.com/submit/834818
- [Other]https://vuldb.com/vuln/369113
- [Other]https://vuldb.com/vuln/369113/cti
- [Other]https://www.notion.so/Tenda-AC15-V15-03-05-19-3671f5ba98908023b508dc0330624dcd?source=copy_link
- [Other]https://www.tenda.com.cn/
Related CVEs
Same CWE
- CVE-2024-40684 — IBM Operations Analytics - Log Analysis 1.3.5.0, 1.3.5.1, 1.3.5.2, 1.3.5.3, 1.3.6.0, 1.3.6.1, 1.3.7.0, 1.3.7.1, 1.3.7.2, and 1.3.8.0, 1.3... (5.9 MEDIUM)
- CVE-2026-9394 — A vulnerability was determined in Besen BS20 EV Charging Station up to 20260426 (3.1 LOW)
- CVE-2017-7903 — A Weak Password Requirements issue was discovered in Rockwell Automation Allen-Bradley MicroLogix 1100 programmable-logic controllers 176... (9.8 CRITICAL)