Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
7.4
Tenda F451 Router Allows Unauthenticated Remote Code Execution
CVE-2026-6135
Summary
An attacker can access and manipulate the Tenda F451 router's settings to potentially take control of the device. This is a serious security concern as the exploit is publicly available and could be used by hackers to gain unauthorized access to the router. To address this, update the router's firmware to the latest version.
Original title
A weakness has been identified in Tenda F451 1.0.0.7_cn_svn7958. This issue affects the function fromSetIpBind of the file /goform/SetIpBind. Executing a manipulation of the argument page can lead ...
Original description
A weakness has been identified in Tenda F451 1.0.0.7_cn_svn7958. This issue affects the function fromSetIpBind of the file /goform/SetIpBind. Executing a manipulation of the argument page can lead to stack-based buffer overflow. The attack may be performed from remote. The exploit has been made available to the public and could be used for attacks.
nvd CVSS2.0
9.0
nvd CVSS3.1
8.8
nvd CVSS4.0
7.4
Vulnerability type
CWE-119
Buffer Overflow
CWE-121
Stack-based Buffer Overflow
Published: 13 Apr 2026 · Updated: 13 Apr 2026 · First seen: 13 Apr 2026