CVE-2026-6631
Remote Buffer Overflow in Tenda F451 httpd Component
Publication date: 2026-04-20
Last updated on: 2026-04-20
Assigner: VulDB
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| tenda | f451 | 1.0.0.7_cn_svn7958 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-119 | The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data. |
| CWE-120 | The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer. |
Attack-Flow Graph
AI Powered Q&A
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
The provided information does not specify any direct impact of this vulnerability on compliance with common standards and regulations such as GDPR or HIPAA.
Can you explain this vulnerability to me?
This vulnerability exists in the Tenda F451 device, specifically in the function fromwebExcptypemanFilter within the httpd component. It involves a buffer overflow caused by improper handling of the 'page' argument. An attacker can remotely manipulate this argument to trigger the overflow.
How can this vulnerability impact me? :
Exploiting this vulnerability can lead to a buffer overflow, which may allow an attacker to execute arbitrary code or cause a denial of service on the affected device. Since the attack can be launched remotely, it poses a significant security risk to the device and potentially the network it is connected to.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by monitoring for suspicious HTTP POST requests sent to the endpoint "/goform/webExcptypemanFilter" containing an oversized "page" parameter, typically around 2048 bytes or more.
A practical detection method is to capture and analyze network traffic for such requests targeting the Tenda F451 device.
For example, using tcpdump or Wireshark, you can filter HTTP POST requests to the vulnerable endpoint:
- tcpdump -A -s 0 'tcp port 80 and (((ip dst <device_ip>) and (tcp[((tcp[12:1] & 0xf0) >> 2):4] = 0x504f5354)))'
Alternatively, you can use curl or similar tools to test the endpoint by sending a crafted POST request with a large "page" parameter to see if the device responds abnormally or crashes.
- curl -X POST http://<device_ip>/goform/webExcptypemanFilter -d 'page=$(python -c "print('A'*2048)")'
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include restricting access to the vulnerable endpoint "/goform/webExcptypemanFilter" by implementing network-level controls such as firewall rules to block unauthorized or external access.
Additionally, monitoring and filtering HTTP POST requests with unusually large "page" parameters can help prevent exploitation.
If possible, update the device firmware to a version that patches this vulnerability or contact the vendor for a security update.
Until a patch is available, consider isolating the affected device from untrusted networks to reduce the risk of remote exploitation.