This is a stack-based buffer overflow vulnerability in the formWrlExtraSet function of Tenda FH451 consumer routers. Remote unauthenticated attackers can trigger the flaw by sending a maliciously crafted request to the affected endpoint. Successful exploitation can lead to remote code execution or complete device outage.
Remediation
Replace the affected Tenda FH451 device with a supported, updated router, as no official patch is available for this vulnerability. Restrict access to the router's management interface to only trusted internal networks, and block external access to this interface. Monitor network traffic for suspicious activity originating from the affected device.
Exploit info
The exploit has been released to the public (for example, see https://app.opencve.io/cve/CVE-2026-4534 or https://vuldb.com/). | Potential exploit details can be searched in Exploit-DB or GitHub: https://www.exploit-db.com/search?cve=CVE-2026-4534 | https://github.com/search?q=CVE-2026-4534+exploit
TopVuln sends digest emails with high-risk CVE picks across multiple authoritative sources—curated with EPSS and AI. Choose daily per-stream emails and optional weekly or monthly roundups.