Detections
Analytics

CVE-2026-7101

high

Description

A vulnerability has been found in Tenda F456 1.0.0.5. This affects the function fromWrlclientSet of the file /goform/WrlclientSet of the component httpd. The manipulation leads to buffer overflow. Remote exploitation of the attack is possible. The exploit has been disclosed to the public and may be used.

References

https://www.tenda.com.cn/

https://vuldb.com/vuln/359676/cti

https://vuldb.com/vuln/359676

https://vuldb.com/submit/798474

https://github.com/Litengzheng/vuldb_new/blob/main/F456/vul_139/README.md

Details

Source: Mitre, NVD

Published: 2026-04-27

Updated: 2026-04-27

Risk Information

CVSS v2

Base Score: 9

Vector: CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C

Severity: High

CVSS v3

Base Score: 8.8

Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Severity: High

CVSS v4

Base Score: 8.7

Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Severity: High

EPSS

EPSS: 0.00046