F453 Firmware
Monthly
Stack-based buffer overflow in Tenda F453 firmware 1.0.0.3 allows remote attackers with valid credentials to achieve unauthenticated code execution through a malformed GO parameter in the WrlclientSet function. Public exploit code exists for this vulnerability, and no patch is currently available. Affected organizations using vulnerable F453 devices should implement network segmentation and access controls to mitigate exploitation risk.
Stack-based buffer overflow in Tenda F453 firmware version 1.0.0.3 allows authenticated remote attackers to achieve complete system compromise through a malformed GO parameter in the WrlExtraSet function. Public exploit code exists for this vulnerability, and no patch is currently available. Affected systems face high risk of unauthorized code execution, data theft, and service disruption.
Stack-based buffer overflow in Tenda F453 firmware allows unauthenticated remote attackers to execute arbitrary code through the cmdinput parameter in the /goform/exeCommand function, with public exploit code already available. The vulnerability affects F453 firmware version 1.0.0.3 and has a CVSS score of 8.8, enabling complete compromise of affected devices without requiring user interaction. No patch is currently available.
Remote code execution in Tenda F453 firmware versions 1.0.0.3 and 3.As via stack-based buffer overflow in the PPTP client configuration endpoint allows unauthenticated network attackers to achieve full system compromise. Public exploit code exists for this vulnerability, and no patch is currently available, creating significant risk for affected devices.
Stack-based buffer overflow in Tenda F453 firmware versions 1.0.0.3/1.1f allows authenticated remote attackers to execute arbitrary code through malformed funcname/funcpara1 parameters in the /goform/setcfm endpoint. Public exploit code exists for this vulnerability, and no patch is currently available. The high CVSS score of 8.8 reflects the complete compromise potential of affected devices.
Stack-based buffer overflow in Tenda F453 1.0.0.3 firmware allows authenticated attackers to achieve remote code execution through improper input validation in the QuickIndex handler. Public exploit code exists for this vulnerability, and no patch is currently available, leaving affected devices at significant risk of compromise.
Stack-based buffer overflow in Tenda F453 1.0.0.3 firmware allows authenticated remote attackers to achieve full system compromise through a malicious page parameter in the webExcptypemanFilter function. Public exploit code exists for this vulnerability, and no patch is currently available. The attack requires valid credentials but no user interaction, making it a significant risk for affected devices.
Remote code execution in Tenda F453 firmware versions 1.0.0.3 and earlier results from a buffer overflow in the httpd component's DHCP configuration handler. An authenticated attacker can exploit this vulnerability over the network to achieve complete system compromise, and public exploit code is currently available.
Buffer overflow in Tenda F453 firmware versions 1.0.0.3 allows authenticated remote attackers to achieve full system compromise through malicious wanmode or PPPOEPassword parameters sent to the httpd service. Public exploit code exists for this vulnerability, and no patch is currently available. An attacker can exploit this to execute arbitrary code with complete control over confidentiality, integrity, and availability of affected devices.
Remote code execution in Tenda F453 Firmware 1.0.0.3 allows authenticated attackers to execute arbitrary code via a buffer overflow in the L7Im web interface parameter handler. Public exploit code exists for this vulnerability, and no patch is currently available. An attacker with network access and valid credentials can achieve complete system compromise including data theft, modification, and service disruption.
Remote code execution in Tenda F453 1.0.0.3 DNS firmware via a buffer overflow in the /goform/SetIpBind endpoint allows authenticated attackers to achieve full system compromise. The vulnerability stems from improper input validation of the page parameter and has public exploit code available. An attacker with network access and valid credentials can execute arbitrary code with complete system privileges.
Remote code execution in Tenda F453 Firmware 1.0.0.3 allows authenticated attackers to achieve complete system compromise through a buffer overflow in the QoS settings parameter. Public exploit code exists for this vulnerability, and no patch is currently available, leaving affected devices at immediate risk.
Buffer overflow in Tenda F453 1.0.0.3 firmware allows authenticated remote attackers to achieve complete system compromise through manipulation of the SafeUrlFilter page parameter. Public exploit code exists for this vulnerability, and no patch is currently available. An attacker with valid credentials can execute arbitrary code with full system privileges.
Remote code execution in Tenda F453 firmware (v1.0.0.3) via a buffer overflow in the SafeMacFilter function allows authenticated attackers to execute arbitrary code with full system privileges. The vulnerability stems from insufficient input validation on the page parameter in the /goform/SafeMacFilter endpoint and can be exploited remotely over the network. Public exploit code exists and no patch is currently available.
Remote code execution in Tenda F453 firmware allows authenticated attackers to achieve complete system compromise through a buffer overflow in the httpd address NAT function. Public exploit code exists for this vulnerability, and no patch is currently available, leaving affected devices at immediate risk.
Remote code execution in Tenda F453 firmware through a buffer overflow in the L7Prot HTTP handler allows unauthenticated attackers to achieve full system compromise via a malicious page parameter. Public exploit code exists for this vulnerability, increasing the risk of widespread attacks. No patch is currently available, leaving affected devices vulnerable until firmware updates are released.
Remote code execution in Tenda F453 firmware version 1.0.0.3 allows authenticated attackers to execute arbitrary code via a buffer overflow in the wireless security settings endpoint. The vulnerability exists in the httpd component's formWrlsafeset function and can be triggered through manipulation of the mit_ssid_index parameter. Public exploit code is available and no patch has been released.
Unauthenticated remote attackers can execute arbitrary code on Tenda F453 devices running firmware 1.0.0.3 by exploiting a stack buffer overflow in the DHCP list client function through the httpd service. Public exploit code exists for this vulnerability and no patch is currently available. The attack requires network access but no user interaction, making it trivial to exploit.
Remote code execution in Tenda F453 firmware through a buffer overflow in the P2pListFilter HTTP handler allows authenticated attackers to achieve complete system compromise. Public exploit code exists for this vulnerability, creating immediate risk for deployed devices. No patch is currently available, leaving affected systems vulnerable to exploitation.
Buffer overflow in Tenda F453 firmware httpd SafeEmailFilter function allows authenticated remote attackers to achieve complete system compromise through manipulation of the page parameter. Public exploit code exists for this vulnerability, and no patch is currently available. An attacker with valid credentials can execute arbitrary code with full system privileges (read, write, execute).
Unauthenticated attackers can exploit a buffer overflow in the Tenda F453 firmware's NatStaticSetting endpoint to achieve remote code execution by manipulating the page parameter. Public exploit code is available and actively being leveraged in the wild. No patch is currently available, leaving affected devices vulnerable.
Unauthenticated attackers can trigger a buffer overflow in the Tenda F453 firmware via the webSiteId parameter in the /goform/webtypelibrary endpoint, enabling remote code execution with full system compromise. Public exploit code is available and actively deployed against affected devices. No patch has been released.
Remote code execution in Tenda F453 firmware version 1.0.0.3 exists through a buffer overflow in the httpd component's RouteStatic function when processing the page parameter. An unauthenticated attacker on the network can exploit this vulnerability to execute arbitrary code with full system privileges. Public exploit code is available and no patch is currently available.
Remote code execution in Tenda F453 firmware 1.0.0.3 through buffer overflow in the WiFi configuration handler allows authenticated attackers to execute arbitrary code with full system privileges. Public exploit code exists for this vulnerability, and no patch is currently available. The flaw affects the httpd component's wireless settings function and can be exploited over the network by any authenticated user.
Stack-based buffer overflow in Tenda F453 firmware 1.0.0.3 allows remote attackers with valid credentials to achieve unauthenticated code execution through a malformed GO parameter in the WrlclientSet function. Public exploit code exists for this vulnerability, and no patch is currently available. Affected organizations using vulnerable F453 devices should implement network segmentation and access controls to mitigate exploitation risk.
Stack-based buffer overflow in Tenda F453 firmware version 1.0.0.3 allows authenticated remote attackers to achieve complete system compromise through a malformed GO parameter in the WrlExtraSet function. Public exploit code exists for this vulnerability, and no patch is currently available. Affected systems face high risk of unauthorized code execution, data theft, and service disruption.
Stack-based buffer overflow in Tenda F453 firmware allows unauthenticated remote attackers to execute arbitrary code through the cmdinput parameter in the /goform/exeCommand function, with public exploit code already available. The vulnerability affects F453 firmware version 1.0.0.3 and has a CVSS score of 8.8, enabling complete compromise of affected devices without requiring user interaction. No patch is currently available.
Remote code execution in Tenda F453 firmware versions 1.0.0.3 and 3.As via stack-based buffer overflow in the PPTP client configuration endpoint allows unauthenticated network attackers to achieve full system compromise. Public exploit code exists for this vulnerability, and no patch is currently available, creating significant risk for affected devices.
Stack-based buffer overflow in Tenda F453 firmware versions 1.0.0.3/1.1f allows authenticated remote attackers to execute arbitrary code through malformed funcname/funcpara1 parameters in the /goform/setcfm endpoint. Public exploit code exists for this vulnerability, and no patch is currently available. The high CVSS score of 8.8 reflects the complete compromise potential of affected devices.
Stack-based buffer overflow in Tenda F453 1.0.0.3 firmware allows authenticated attackers to achieve remote code execution through improper input validation in the QuickIndex handler. Public exploit code exists for this vulnerability, and no patch is currently available, leaving affected devices at significant risk of compromise.
Stack-based buffer overflow in Tenda F453 1.0.0.3 firmware allows authenticated remote attackers to achieve full system compromise through a malicious page parameter in the webExcptypemanFilter function. Public exploit code exists for this vulnerability, and no patch is currently available. The attack requires valid credentials but no user interaction, making it a significant risk for affected devices.
Remote code execution in Tenda F453 firmware versions 1.0.0.3 and earlier results from a buffer overflow in the httpd component's DHCP configuration handler. An authenticated attacker can exploit this vulnerability over the network to achieve complete system compromise, and public exploit code is currently available.
Buffer overflow in Tenda F453 firmware versions 1.0.0.3 allows authenticated remote attackers to achieve full system compromise through malicious wanmode or PPPOEPassword parameters sent to the httpd service. Public exploit code exists for this vulnerability, and no patch is currently available. An attacker can exploit this to execute arbitrary code with complete control over confidentiality, integrity, and availability of affected devices.
Remote code execution in Tenda F453 Firmware 1.0.0.3 allows authenticated attackers to execute arbitrary code via a buffer overflow in the L7Im web interface parameter handler. Public exploit code exists for this vulnerability, and no patch is currently available. An attacker with network access and valid credentials can achieve complete system compromise including data theft, modification, and service disruption.
Remote code execution in Tenda F453 1.0.0.3 DNS firmware via a buffer overflow in the /goform/SetIpBind endpoint allows authenticated attackers to achieve full system compromise. The vulnerability stems from improper input validation of the page parameter and has public exploit code available. An attacker with network access and valid credentials can execute arbitrary code with complete system privileges.
Remote code execution in Tenda F453 Firmware 1.0.0.3 allows authenticated attackers to achieve complete system compromise through a buffer overflow in the QoS settings parameter. Public exploit code exists for this vulnerability, and no patch is currently available, leaving affected devices at immediate risk.
Buffer overflow in Tenda F453 1.0.0.3 firmware allows authenticated remote attackers to achieve complete system compromise through manipulation of the SafeUrlFilter page parameter. Public exploit code exists for this vulnerability, and no patch is currently available. An attacker with valid credentials can execute arbitrary code with full system privileges.
Remote code execution in Tenda F453 firmware (v1.0.0.3) via a buffer overflow in the SafeMacFilter function allows authenticated attackers to execute arbitrary code with full system privileges. The vulnerability stems from insufficient input validation on the page parameter in the /goform/SafeMacFilter endpoint and can be exploited remotely over the network. Public exploit code exists and no patch is currently available.
Remote code execution in Tenda F453 firmware allows authenticated attackers to achieve complete system compromise through a buffer overflow in the httpd address NAT function. Public exploit code exists for this vulnerability, and no patch is currently available, leaving affected devices at immediate risk.
Remote code execution in Tenda F453 firmware through a buffer overflow in the L7Prot HTTP handler allows unauthenticated attackers to achieve full system compromise via a malicious page parameter. Public exploit code exists for this vulnerability, increasing the risk of widespread attacks. No patch is currently available, leaving affected devices vulnerable until firmware updates are released.
Remote code execution in Tenda F453 firmware version 1.0.0.3 allows authenticated attackers to execute arbitrary code via a buffer overflow in the wireless security settings endpoint. The vulnerability exists in the httpd component's formWrlsafeset function and can be triggered through manipulation of the mit_ssid_index parameter. Public exploit code is available and no patch has been released.
Unauthenticated remote attackers can execute arbitrary code on Tenda F453 devices running firmware 1.0.0.3 by exploiting a stack buffer overflow in the DHCP list client function through the httpd service. Public exploit code exists for this vulnerability and no patch is currently available. The attack requires network access but no user interaction, making it trivial to exploit.
Remote code execution in Tenda F453 firmware through a buffer overflow in the P2pListFilter HTTP handler allows authenticated attackers to achieve complete system compromise. Public exploit code exists for this vulnerability, creating immediate risk for deployed devices. No patch is currently available, leaving affected systems vulnerable to exploitation.
Buffer overflow in Tenda F453 firmware httpd SafeEmailFilter function allows authenticated remote attackers to achieve complete system compromise through manipulation of the page parameter. Public exploit code exists for this vulnerability, and no patch is currently available. An attacker with valid credentials can execute arbitrary code with full system privileges (read, write, execute).
Unauthenticated attackers can exploit a buffer overflow in the Tenda F453 firmware's NatStaticSetting endpoint to achieve remote code execution by manipulating the page parameter. Public exploit code is available and actively being leveraged in the wild. No patch is currently available, leaving affected devices vulnerable.
Unauthenticated attackers can trigger a buffer overflow in the Tenda F453 firmware via the webSiteId parameter in the /goform/webtypelibrary endpoint, enabling remote code execution with full system compromise. Public exploit code is available and actively deployed against affected devices. No patch has been released.
Remote code execution in Tenda F453 firmware version 1.0.0.3 exists through a buffer overflow in the httpd component's RouteStatic function when processing the page parameter. An unauthenticated attacker on the network can exploit this vulnerability to execute arbitrary code with full system privileges. Public exploit code is available and no patch is currently available.
Remote code execution in Tenda F453 firmware 1.0.0.3 through buffer overflow in the WiFi configuration handler allows authenticated attackers to execute arbitrary code with full system privileges. Public exploit code exists for this vulnerability, and no patch is currently available. The flaw affects the httpd component's wireless settings function and can be exploited over the network by any authenticated user.