Skip to main content
CVE-2026-3726 HIGH POC This Week

Stack-based buffer overflow in Tenda F453 1.0.0.3 firmware allows authenticated remote attackers to achieve full system compromise through a malicious page parameter in the webExcptypemanFilter function. Public exploit code exists for this vulnerability, and no patch is currently available. The attack requires valid credentials but no user interaction, making it a significant risk for affected devices.

Buffer Overflow Stack Overflow F453 Firmware
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-3769 HIGH POC This Week

Stack-based buffer overflow in Tenda F453 firmware 1.0.0.3 allows remote attackers with valid credentials to achieve unauthenticated code execution through a malformed GO parameter in the WrlclientSet function. Public exploit code exists for this vulnerability, and no patch is currently available. Affected organizations using vulnerable F453 devices should implement network segmentation and access controls to mitigate exploitation risk.

Golang Buffer Overflow Stack Overflow F453 Firmware
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-3768 HIGH POC This Week

Stack-based buffer overflow in Tenda F453 firmware version 1.0.0.3 allows authenticated remote attackers to achieve complete system compromise through a malformed GO parameter in the WrlExtraSet function. Public exploit code exists for this vulnerability, and no patch is currently available. Affected systems face high risk of unauthorized code execution, data theft, and service disruption.

Golang Buffer Overflow Stack Overflow F453 Firmware
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-3732 HIGH POC This Week

Stack-based buffer overflow in Tenda F453 firmware allows unauthenticated remote attackers to execute arbitrary code through the cmdinput parameter in the /goform/exeCommand function, with public exploit code already available. The vulnerability affects F453 firmware version 1.0.0.3 and has a CVSS score of 8.8, enabling complete compromise of affected devices without requiring user interaction. No patch is currently available.

Buffer Overflow Stack Overflow F453 Firmware
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-3729 HIGH POC This Week

Remote code execution in Tenda F453 firmware versions 1.0.0.3 and 3.As via stack-based buffer overflow in the PPTP client configuration endpoint allows unauthenticated network attackers to achieve full system compromise. Public exploit code exists for this vulnerability, and no patch is currently available, creating significant risk for affected devices.

Buffer Overflow Stack Overflow F453 Firmware
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-3728 HIGH POC This Week

Stack-based buffer overflow in Tenda F453 firmware versions 1.0.0.3/1.1f allows authenticated remote attackers to execute arbitrary code through malformed funcname/funcpara1 parameters in the /goform/setcfm endpoint. Public exploit code exists for this vulnerability, and no patch is currently available. The high CVSS score of 8.8 reflects the complete compromise potential of affected devices.

Buffer Overflow Stack Overflow F453 Firmware
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-3715 HIGH POC This Week

Remote code execution in Wavlink WL-WN579X3-C firmware through stack-based buffer overflow in the firewall.cgi module allows unauthenticated attackers to achieve complete system compromise via manipulation of the del_flag parameter. Public exploit code exists for this vulnerability, and no patch is currently available despite vendor notification. Affected users should immediately restrict network access to the affected device until a firmware update becomes available.

Buffer Overflow Stack Overflow Wl Wn579x3 C Firmware
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-3701 HIGH POC This Week

Remote code execution in H3C Magic B1 firmware through a buffer overflow in the SSID configuration function allows unauthenticated attackers to gain complete system compromise over the network. Public exploit code exists for this vulnerability, and no patch is currently available from the vendor despite early disclosure notification. The flaw affects firmware versions up to 100R004 and requires only low complexity to exploit with valid credentials.

Buffer Overflow Magic B1 Firmware
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-3700 HIGH POC This Week

Remote code execution in UTT HiPER 810G firmware up to version 1.7.7-171114 through a stack buffer overflow in the DNS filter configuration function allows authenticated attackers to execute arbitrary commands with full system privileges. Public exploit code is available for this vulnerability, increasing the risk of active exploitation. No patch is currently available, requiring organizations to implement network-level mitigations or device replacement until a fix is released.

Buffer Overflow 810g Firmware
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-3699 HIGH POC This Week

Remote code execution in UTT HiPER 810G firmware through version 1.7.7-171114 stems from an unsafe strcpy operation in the /goform/formRemoteControl function that enables unauthenticated attackers to trigger a buffer overflow. Public exploit code exists for this vulnerability, and no patch is currently available, leaving affected devices at immediate risk.

Buffer Overflow 810g Firmware
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-3698 HIGH POC This Week

A buffer overflow in the NTP configuration handler of UTT HiPER 810G firmware versions up to 1.7.7-171114 enables authenticated remote attackers to achieve complete system compromise through memory corruption. Public exploit code exists for this vulnerability, and no patch is currently available. Affected devices face immediate risk of remote code execution with high privileges from any authenticated user.

Buffer Overflow 810g Firmware
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-3727 HIGH POC This Week

Stack-based buffer overflow in Tenda F453 1.0.0.3 firmware allows authenticated attackers to achieve remote code execution through improper input validation in the QuickIndex handler. Public exploit code exists for this vulnerability, and no patch is currently available, leaving affected devices at significant risk of compromise.

Buffer Overflow Stack Overflow F453 Firmware
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.0%
CVE-2026-30910 HIGH This Week

Crypt::Sodium::XS versions through 0.001000 for Perl has potential integer overflows. Combined aead encryption, combined signature creation, and bin2hex functions do not check that output size will be less than SIZE_MAX, which could lead to integer wraparound causing an undersized output buffer. [CVSS 7.5 HIGH]

Buffer Overflow Integer Overflow Denial Of Service Crypt
NVD
CVSS 3.1
7.5
EPSS
0.0%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy