EUVD-2026-14313
GHSA-hwc3-99fx-qcgr
CVSS Vector
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
4Description
A vulnerability was determined in Tenda F453 1.0.0.3. This issue affects the function fromVirtualSer of the file /goform/VirtualSer of the component Parameters Handler. Executing a manipulation of the argument page can lead to stack-based buffer overflow. The attack may be performed from remote. The exploit has been publicly disclosed and may be utilized.
Analysis
Stack-based buffer overflow in Tenda F453 firmware version 1.0.0.3 allows remote attackers to achieve complete system compromise through manipulation of the page parameter in the VirtualSer handler. Public exploit code exists for this vulnerability, and no patch is currently available. …
Sign in for full analysis, threat intelligence, and remediation guidance.
Remediation
Within 24 hours: Identify all Tenda F453 devices running firmware 1.0.0.3 in your environment and isolate them from critical network segments. Within 7 days: Implement compensating controls including network access restrictions, disable the VirtualSer feature if operationally feasible, and deploy WAF rules blocking /goform/VirtualSer requests. …
Sign in for detailed remediation steps.
Priority Score
Share
External POC / Exploit Code
Leaving vuln.today