What is the CVSS score of CVE-2026-3376?

CVE-2026-3376 has a CVSS 3.1 base score of 8.8 (High). CVSS vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H. EPSS exploitation probability: 0.1%.

Which versions of F453 Firmware are affected by CVE-2026-3376?

A HIGH severity vulnerability (CVSS 8.8) affecting Tenda F453 wireless routers has been publicly disclosed with working exploits available, but no vendor patch currently exists.

Is there a public PoC exploit available for CVE-2026-3376?

Yes, a public proof-of-concept exploit is available for CVE-2026-3376. Prioritise patching immediately. EPSS: 0.1%.

F453 Firmware CVE-2026-3376

HIGH

Buffer Overflow (CWE-119)

2026-02-28 cna@vuldb.com

Buffer Overflow F453 Firmware

8.8

CVSS 3.1

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Attack Vector

Network

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Lifecycle Timeline

Analysis Generated

Mar 12, 2026 - 21:55 vuln.today

PoC Detected

Mar 03, 2026 - 17:35 vuln.today

Public exploit code

CVE Published

Feb 28, 2026 - 23:16 nvd

HIGH 8.8

DescriptionNVD

A security vulnerability has been detected in Tenda F453 1.0.0.3. Affected by this vulnerability is the function fromSafeMacFilter of the file /goform/SafeMacFilter. Such manipulation of the argument page leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed publicly and may be used.

AnalysisAI

Remote code execution in Tenda F453 firmware (v1.0.0.3) via a buffer overflow in the SafeMacFilter function allows authenticated attackers to execute arbitrary code with full system privileges. The vulnerability stems from insufficient input validation on the page parameter in the /goform/SafeMacFilter endpoint and can be exploited remotely over the network. …

RemediationAI

Within 24 hours: Inventory all Tenda F453 1.0.0.3 devices in your environment and isolate them from critical network segments if possible. Within 7 days: Implement network-based mitigations (WAF rules, access controls) to restrict access to the /goform/SafeMacFilter endpoint, and disable MAC filtering functionality if operationally feasible. …

Analysis

Detailed AI-generated intelligence summary covering attack vector, impact assessment, affected versions, remediation steps, and indicators of compromise.

POChttps://••••••••••.com/exploit

PATCHhttps://••••••••••.com/patch

ADVISORYhttps://••••••••••.com/advisory

Full analysis requires sign-in

Get intelligence summaries, risk assessment, exploit details, threat intel, and remediation guidance.

CVE-2026-3376 vulnerability details – vuln.today

Back

F453 Firmware CVE-2026-3376

CVSS VectorNVD

Lifecycle Timeline

DescriptionNVD

AnalysisAI

RemediationAI

Full analysis requires sign-in

Share

External POC / Exploit Code