Skip to main content
CVE-2026-3399 HIGH POC This Week

Remote code execution in Tenda F453 firmware versions 1.0.0.3 and earlier results from a buffer overflow in the httpd component's DHCP configuration handler. An authenticated attacker can exploit this vulnerability over the network to achieve complete system compromise, and public exploit code is currently available.

Buffer Overflow F453 Firmware
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-3398 HIGH POC This Week

Buffer overflow in Tenda F453 firmware versions 1.0.0.3 allows authenticated remote attackers to achieve full system compromise through malicious wanmode or PPPOEPassword parameters sent to the httpd service. Public exploit code exists for this vulnerability, and no patch is currently available. An attacker can exploit this to execute arbitrary code with complete control over confidentiality, integrity, and availability of affected devices.

Buffer Overflow F453 Firmware
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-3380 HIGH POC This Week

Remote code execution in Tenda F453 Firmware 1.0.0.3 allows authenticated attackers to execute arbitrary code via a buffer overflow in the L7Im web interface parameter handler. Public exploit code exists for this vulnerability, and no patch is currently available. An attacker with network access and valid credentials can achieve complete system compromise including data theft, modification, and service disruption.

Buffer Overflow F453 Firmware
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-3379 HIGH POC This Week

Remote code execution in Tenda F453 1.0.0.3 DNS firmware via a buffer overflow in the /goform/SetIpBind endpoint allows authenticated attackers to achieve full system compromise. The vulnerability stems from improper input validation of the page parameter and has public exploit code available. An attacker with network access and valid credentials can execute arbitrary code with complete system privileges.

DNS Buffer Overflow F453 Firmware
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-3378 HIGH POC This Week

Remote code execution in Tenda F453 Firmware 1.0.0.3 allows authenticated attackers to achieve complete system compromise through a buffer overflow in the QoS settings parameter. Public exploit code exists for this vulnerability, and no patch is currently available, leaving affected devices at immediate risk.

Buffer Overflow F453 Firmware
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-3377 HIGH POC This Week

Buffer overflow in Tenda F453 1.0.0.3 firmware allows authenticated remote attackers to achieve complete system compromise through manipulation of the SafeUrlFilter page parameter. Public exploit code exists for this vulnerability, and no patch is currently available. An attacker with valid credentials can execute arbitrary code with full system privileges.

Buffer Overflow F453 Firmware
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.1%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy