CVE-2026-6122

HIGH

Tenda F451 httpd L7Prot frmL7ProtForm stack-based overflow

Title source: cna

Description

A vulnerability has been found in Tenda F451 1.0.0.7. Affected by this issue is the function frmL7ProtForm of the file /goform/L7Prot of the component httpd. Such manipulation of the argument page leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

References (5)

Scores

CVSS v3 8.8
EPSS 0.0005
EPSS Percentile 15.0%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-119 CWE-121
Status published
Products (1)
Tenda/F451 1.0.0.7
Published Apr 12, 2026
Tracked Since Apr 12, 2026