This is a remotely exploitable stack-based buffer overflow vulnerability in the widely used Tenda F451 wireless router. The flaw exists in the `fromSetIpBind` function exposed via the `/goform/SetIpBind` endpoint. A remote attacker can trigger the overflow by manipulating the `page` argument, leading to potential code execution or device denial of service.
Remediation
No official patch is currently available for this vulnerability. Users should restrict access to the router's management interface to only trusted IP addresses, and avoid exposing the management interface to the public internet. Monitor Tenda's official website for firmware updates that address this issue.
Exploit info
This exploit has been publicly disclosed, with references to this issue documented in trusted public vulnerability databases. You may check Exploit-DB or GitHub for potential exploit details.
TopVuln sends digest emails with high-risk CVE picks across multiple authoritative sources—curated with EPSS and AI. Choose daily per-stream emails and optional weekly or monthly roundups.