CVE-2026-6197
Received Received - Intake
Remote Stack-Based Buffer Overflow in Tenda F456 Wireless Setup

Publication date: 2026-04-13

Last updated on: 2026-04-13

Assigner: VulDB

Description
A flaw has been found in Tenda F456 1.0.0.5. This vulnerability affects the function formWrlsafeset of the file /goform/AdvSetWrlsafeset. Executing a manipulation of the argument mit_ssid can lead to stack-based buffer overflow. The attack may be performed from remote. The exploit has been published and may be used.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-04-13
Last Modified
2026-04-13
Generated
2026-06-16
AI Q&A
2026-04-14
EPSS Evaluated
2026-06-15
NVD
CVE-2026-6197
EUVD
EUVD-2026-22057
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
tenda f456 1.0.0.5
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-119 The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.
CWE-121 A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function).
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Compliance Impact

The vulnerability CVE-2026-6197 allows remote attackers to execute arbitrary code or cause denial of service on the Tenda F456 router by exploiting a stack-based buffer overflow. This can lead to unauthorized access or disruption of network services.

Such unauthorized access or service disruption could potentially result in the exposure or loss of sensitive data, which may impact compliance with data protection regulations like GDPR or HIPAA. However, the provided information does not explicitly detail the direct effects on compliance with these standards.

Executive Summary

CVE-2026-6197 is a stack-based buffer overflow vulnerability found in the Tenda F456 router version 1.0.0.5. It occurs in the HTTP daemon's function formWrlsafeset when processing the user-supplied parameter "mit_ssid". This parameter is stored in a variable without proper bounds checking before being passed to the sprintf function, which can overflow the stack buffer.

An attacker can exploit this vulnerability remotely by sending a specially crafted HTTP POST request to the endpoint "/goform/AdvSetWrlsafeset" with an excessively long "mit_ssid" parameter, triggering the overflow.

Impact Analysis

Exploiting this vulnerability can allow an attacker to execute arbitrary code on the affected device remotely or cause a denial of service (DoS) by crashing the router.

  • Remote code execution could lead to full compromise of the device.
  • Denial of service could disrupt network connectivity by crashing the router.
Detection Guidance

This vulnerability can be detected by sending a crafted HTTP POST request to the endpoint "/goform/AdvSetWrlsafeset" with an excessively long "mit_ssid" parameter. If the device is vulnerable, this request may trigger a stack-based buffer overflow.

A detection command example using curl could be:

  • curl -X POST http://[target_ip]/goform/AdvSetWrlsafeset -d "mit_ssid=$(python3 -c 'print("A"*1000)')"

This command sends a POST request with a very long "mit_ssid" parameter which may cause the vulnerable router to crash or behave abnormally, indicating the presence of the vulnerability.

Mitigation Strategies

Immediate mitigation steps include:

  • Restrict remote access to the router's management interface to trusted networks only.
  • Monitor network traffic for suspicious POST requests targeting "/goform/AdvSetWrlsafeset" with unusually long "mit_ssid" parameters.
  • If possible, apply any available firmware updates or patches from the vendor addressing this vulnerability.
  • As a temporary measure, disable remote management or block access to the vulnerable endpoint via firewall rules.
Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-6197. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart