CVE-2026-5990
Stack-Based Buffer Overflow in Tenda F451 SafeEmailFilter
Publication date: 2026-04-10
Last updated on: 2026-04-29
Assigner: VulDB
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| tenda | f451_firmware | 1.0.0.7 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-119 | The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data. |
| CWE-121 | A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function). |
Attack-Flow Graph
AI Powered Q&A
What immediate steps should I take to mitigate this vulnerability?
To mitigate the vulnerability in Tenda F451 1.0.0.7 related to the fromSafeEmailFilter function, immediate steps include restricting or blocking access to the /goform/SafeEmailFilter endpoint to prevent exploitation via the 'page' parameter.
Additionally, monitoring and filtering HTTP POST requests to detect and block unusually large or malformed 'page' parameters can help prevent buffer overflow attempts.
Applying any available firmware updates or patches from the vendor that address this issue is also critical once they become available.
Can you explain this vulnerability to me?
CVE-2026-5990 is a stack-based buffer overflow vulnerability found in the Tenda F451 router firmware version 1.0.0.7. It exists in the fromSafeEmailFilter function of the /goform/SafeEmailFilter endpoint. The vulnerability occurs because the user-supplied "page" parameter is passed directly to the sprintf function without any bounds checking, allowing an attacker to overflow the buffer.
An attacker can exploit this by sending a specially crafted HTTP POST request with an oversized "page" parameter, which can cause the device to crash or potentially allow remote code execution.
How can this vulnerability impact me? :
This vulnerability can impact you by allowing an attacker to remotely cause a denial of service (DoS) on your Tenda F451 device, making it unavailable.
More seriously, the attacker may be able to execute arbitrary code remotely, which could lead to full compromise of the device, unauthorized access, or further attacks on your network.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by sending a specially crafted HTTP POST request to the endpoint /goform/SafeEmailFilter with an oversized "page" parameter. For example, posting 2048 bytes of the character 'a' to the "page" parameter can trigger the stack-based buffer overflow.
A detection command using curl could be:
- curl -X POST http://<target-ip>/goform/SafeEmailFilter -d "page=$(python3 -c 'print("a"*2048)')"
If the system crashes, becomes unresponsive, or behaves abnormally after this request, it indicates the presence of the vulnerability.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
The provided information does not specify how the vulnerability in Tenda F451 1.0.0.7 impacts compliance with common standards and regulations such as GDPR or HIPAA.