EUVD-2026-14312
GHSA-2mxw-7frq-fx3r
CVSS Vector
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
4Description
A vulnerability was found in Tenda F453 1.0.0.3. This vulnerability affects the function fromSafeClientFilter of the file /goform/SafeClientFilter of the component Parameters Handler. Performing a manipulation of the argument menufacturer/Go results in stack-based buffer overflow. The attack is possible to be carried out remotely. The exploit has been made public and could be used.
Analysis
Tenda F453 version 1.0.0.3 contains a stack-based buffer overflow in the SafeClientFilter parameter handler that allows authenticated remote attackers to execute arbitrary code by manipulating the manufacturer/Go argument. Public exploit code exists for this vulnerability and no patch is currently available, creating significant risk for affected deployments.
Sign in for full analysis, threat intelligence, and remediation guidance.
Remediation
Within 24 hours: Identify all Tenda F453 devices in your network and isolate them from critical systems; disable remote management access and restrict administrative accounts. Within 7 days: Implement WAF rules to block requests to /goform/SafeClientFilter endpoint and monitor for exploitation attempts; enforce network segmentation to limit router access. …
Sign in for detailed remediation steps.
Priority Score
Share
External POC / Exploit Code
Leaving vuln.today