CVE-2026-7030
Remote Buffer Overflow in Tenda F456 RouteStatic Function
Publication date: 2026-04-26
Last updated on: 2026-04-30
Assigner: VulDB
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| tenda | f456_firmware | 1.0.0.5 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-119 | The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data. |
| CWE-120 | The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
The CVE-2026-7030 vulnerability affects the Tenda F456 router, version 1.0.0.5. It is a stack-based buffer overflow found in the HTTP daemon, specifically in the fromRouteStatic function that processes a user-supplied parameter named "page."
The vulnerability occurs because the user input is passed directly to the sprintf function without any bounds checking, allowing an attacker to overflow the stack buffer.
An attacker can exploit this by sending a crafted HTTP POST request to the /goform/RouteStatic endpoint with an excessively long "page" parameter, leading to potential denial of service or remote code execution on the device.
How can this vulnerability impact me? :
This vulnerability can allow an attacker to remotely compromise the Tenda F456 router by exploiting the unchecked buffer in the HTTP service.
- Denial of Service (DoS): The attacker can cause the router to crash or become unresponsive.
- Remote Code Execution (RCE): The attacker may execute arbitrary code on the device, potentially gaining control over the router.
Such impacts can lead to network disruption, unauthorized access, and further attacks on connected devices.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by monitoring for suspicious HTTP POST requests sent to the /goform/RouteStatic endpoint, specifically those containing an excessively long "page" parameter.
A practical detection method is to capture and analyze HTTP traffic targeting the Tenda F456 router, looking for unusually large or malformed POST requests to /goform/RouteStatic.
For example, using command-line tools like curl or netcat, you can simulate or detect such requests.
- Use tcpdump or Wireshark to capture HTTP traffic and filter for POST requests to /goform/RouteStatic.
- Example tcpdump command: tcpdump -i <interface> -A 'tcp port 80 and (((ip[2:2] - ((ip[0]&0xf)<<2)) - ((tcp[12]&0xf0)>>2)) != 0)' | grep '/goform/RouteStatic'
- Use curl to test the endpoint with a crafted POST request containing a large "page" parameter to verify if the device is vulnerable: curl -X POST http://<router-ip>/goform/RouteStatic -d "page=$(python3 -c 'print("A"*1000)')"
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include restricting access to the vulnerable /goform/RouteStatic endpoint to trusted networks only, such as by using firewall rules to block external HTTP POST requests to this path.
Additionally, monitoring and blocking suspicious HTTP POST requests with unusually large "page" parameters can help prevent exploitation.
If possible, update the router firmware to a version where this vulnerability is patched or contact the vendor for a security update.
Until a patch is available, consider disabling remote management features or HTTP services on the router if they are not required.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
The provided information does not specify how the CVE-2026-7030 vulnerability impacts compliance with common standards and regulations such as GDPR or HIPAA.