<0.1% probability · 23.7th percentile — 2026-05-12
Affected versions
Tenda F451 1.0.0.7_cn_svn7958
Summary
This is a remotely exploitable buffer overflow vulnerability in the safe URL filtering feature of Tenda F451 routers. The vulnerability is located in the `fromSafeUrlFilter` function at the `/goform/SafeUrlFilter` endpoint. Manipulation of the `page` argument by a remote attacker can trigger stack overflow, leading to denial of service or remote code execution.
Remediation
Limit access to the router's web management interface to trusted internal networks only. Disable remote management from the public internet if it is enabled. Apply official firmware patches from Tenda immediately once a fixed version is released.
Exploit info
This exploit has been publicly disclosed, with references to this issue documented in trusted public vulnerability databases. You may check Exploit-DB or GitHub for potential exploit details.
TopVuln sends digest emails with high-risk CVE picks across multiple authoritative sources—curated with EPSS and AI. Choose daily per-stream emails and optional weekly or monthly roundups.