CVE Catalog

CVE-2026-11557

HighCVSS 8.8
Published: Updated: Translated: NVD NIST

Summary

A weakness has been identified in Tenda F451 versions 1.0.0.7 and 1.0.0.9. The affected element is the function fromNatlimit in the file /goform/Natlimit, which can lead to stack-based buffer overflow due to manipulation of the argument page.

Risk Assessment

The attack can be executed remotely, posing a significant security threat to the system. The publicly available exploit increases the risk of this vulnerability being exploited.

Recommendation

It is recommended to update the software to the latest version to eliminate this vulnerability. Additionally, monitoring systems for unauthorized access attempts is advised.

Original NVD description (English source)

A weakness has been identified in Tenda F451 1.0.0.7/1.0.0.9. The affected element is the function fromNatlimit of the file /goform/Natlimit of the component Web Management Interface. Executing a manipulation of the argument page can lead to stack-based buffer overflow. The attack can be executed remotely. The exploit has been made available to the public and could be used for attacks.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS