This is a remotely exploitable stack-based buffer overflow vulnerability in Tenda F453 routers. It occurs in the fromPPTPUserSetting function of the httpd component, where malicious manipulation of the delno argument triggers memory corruption. Exploit code for this vulnerability is publicly available.
Remediation
Check for official firmware updates from Tenda for the affected F453 device and install any available security patches immediately. If no patch is available, restrict management interface access to only trusted internal networks. Consider replacing unsupported devices to eliminate exposure.
Exploit info
The exploit has been released to the public; public references are available at https://app.opencve.io/cve/CVE-2026-5021 or https://vulners.com/cve/CVE-2026-5021. | Potential exploit details can be searched in Exploit-DB or GitHub: https://www.exploit-db.com/search?cve=CVE-2026-5021 | https://github.com/search?q=CVE-2026-5021+exploit
TopVuln sends digest emails with high-risk CVE picks across multiple authoritative sources—curated with EPSS and AI. Choose daily per-stream emails and optional weekly or monthly roundups.