Which versions of Tenda F456 are affected by CVE-2026-9389?

Tenda F456 routers (firmware 1.0.0.5) contain a buffer overflow vulnerability (CVSS 7.4) in the L7 packet filtering interface that allows low-privileged attackers to corrupt router memory via a…

Is there a public PoC exploit available for CVE-2026-9389?

Yes, a public proof-of-concept exploit is available for CVE-2026-9389. Prioritise patching immediately. EPSS: 0.0%.

How to fix or mitigate CVE-2026-9389?

Within 24 hours: Inventory all Tenda F456 devices on the network and identify which are running firmware 1.0.0.5; isolate from untrusted network segments if possible. Within 7 days: Implement strict network access controls limiting /goform/L7Im endpoint access to authorized administration sources only; enable request rate limiting on the affected endpoint if device management interface allows. Within 30 days: Monitor Tenda security advisories for patched firmware; plan device replacement or upgrade strategy with vendor timeline confirmation.

Tenda F456 CVE-2026-9389

Q: What is the CVSS score of CVE-2026-9389?

CVE-2026-9389 has a CVSS 4.0 base score of 7.4 (High). CVSS vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X. EPSS exploitation probability: 0.0%.

EUVD-2026-31545 HIGH

Classic Buffer Overflow (CWE-120)

2026-05-24 VulDB

GHSA-65p4-www8-vqx4

Tenda Buffer Overflow F456

7.4

CVSS 4.0 · NVD

Severity by source

NVD PRIMARY

7.4 HIGH

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Attack Vector

Network

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Lifecycle Timeline

Analysis Generated

Jun 08, 2026 - 09:16 vuln.today

CVSS changed

May 26, 2026 - 20:07 NVD

8.8 (HIGH) 7.4 (HIGH)

DescriptionCVE.org

A security vulnerability has been detected in Tenda F456 1.0.0.5. This affects the function frmL7ImForm of the file /goform/L7Im. The manipulation of the argument page leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed publicly and may be used.

AnalysisAI

Buffer overflow in the Tenda F456 router (firmware 1.0.0.5) allows remote attackers with low privileges to corrupt memory via the page parameter handled by the frmL7ImForm function exposed at /goform/L7Im. Publicly available exploit code exists, though EPSS rates near-term exploitation probability at only 0.05% (14th percentile) and the issue is not listed in CISA KEV.

Unlock full vulnerability intelligence

Risk assessment & exploitation conditions
Attack chain visualization
Remediation with exact patch versions
Threat intelligence from 22 sources
Personal watchlist & email alerts

Continue with Google Continue with GitHub

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access

Identify exposed F456 admin interface

Delivery

Obtain low-privilege web UI credentials

Exploit

Send crafted POST to /goform/L7Im with oversized page parameter

Execution

Trigger buffer overflow in frmL7ImForm

Persist

Corrupt httpd memory for DoS or code execution

Impact

Pivot into LAN or persist on router