Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
7.4
Tenda F451 Router: Unsecured Password Can Cause System Crash
CVE-2026-6137
Summary
The Tenda F451 router's configuration page is not properly validating some user input, which allows an attacker to crash the system. This could lead to a denial of service, making the router unavailable. To fix this, update the router's firmware to the latest version.
Original title
A vulnerability was detected in Tenda F451 1.0.0.7_cn_svn7958. The affected element is the function fromAdvSetWan of the file /goform/AdvSetWan. The manipulation of the argument wanmode/PPPOEPasswo...
Original description
A vulnerability was detected in Tenda F451 1.0.0.7_cn_svn7958. The affected element is the function fromAdvSetWan of the file /goform/AdvSetWan. The manipulation of the argument wanmode/PPPOEPassword results in stack-based buffer overflow. It is possible to launch the attack remotely. The exploit is now public and may be used.
nvd CVSS2.0
9.0
nvd CVSS3.1
8.8
nvd CVSS4.0
7.4
Vulnerability type
CWE-119
Buffer Overflow
CWE-121
Stack-based Buffer Overflow
Published: 13 Apr 2026 · Updated: 13 Apr 2026 · First seen: 13 Apr 2026