This buffer overflow vulnerability affects the httpd web service of widely deployed Tenda F451 consumer routers. A remote attacker can trigger the flaw by sending a maliciously crafted request with an overlong page argument to the vulnerable webExcptypemanFilter function. Successful exploitation can lead to remote code execution or permanent device compromise.
Remediation
No official vendor patch is currently available for this vulnerability. Restrict access to the router's management interface from the public internet and untrusted networks. Consider replacing the affected end-of-life device with a supported alternative if no update is released.
Exploit info
This exploit has been publicly disclosed, with references to this issue documented in trusted public vulnerability databases. You may check Exploit-DB or GitHub for potential exploit details.
TopVuln sends digest emails with high-risk CVE picks across multiple authoritative sources—curated with EPSS and AI. Choose daily per-stream emails and optional weekly or monthly roundups.