<0.1% probability · 23.3th percentile — 2026-05-12
Affected versions
Tenda F456 1.0.0.5
Summary
This is a remote exploitable buffer overflow vulnerability affecting the httpd management service on Tenda F456 routers. The flaw exists in the fromNatlimitof function handling requests to the /goform/Natlimit endpoint. Successful exploitation can lead to remote code execution or permanent denial of service on the affected device.
Remediation
Install any available official firmware update from Tenda to address this issue. Limit access to the router management interface to trusted local networks only, and disable remote access if it is not needed. Replace the device if no security update is provided by the vendor.
Exploit info
This exploit has been publicly disclosed, with references to this issue documented in trusted public vulnerability databases. You may check Exploit-DB or GitHub for potential exploit details.
TopVuln sends digest emails with high-risk CVE picks across multiple authoritative sources—curated with EPSS and AI. Choose daily per-stream emails and optional weekly or monthly roundups.