A vulnerability categorized as critical has been discovered in Tenda AC1206 15.03.06.23 . The affected element is the function fromGstDhcpSetSer of the component HTTP Handler . Such manipulation of the argument Password leads to stack-based buffer overflow. This vulnerability is listed as CVE-2026-36789 . The attack must be carried out from within the local network. There is no available exploit.