Platform
tenda
Component
tenda
Fixed in
1.0.1
A critical vulnerability, CVE-2026-5988, has been identified in the Tenda F451 router. This flaw is a stack-based buffer overflow affecting firmware versions 1.0.0 through 1.0.0.7. Successful exploitation allows a remote attacker to potentially execute arbitrary code on the device, compromising its security and potentially the network it serves. A public exploit is now available, increasing the risk of immediate exploitation.
The stack-based buffer overflow vulnerability in the Tenda F451 router allows a remote attacker to send a specially crafted request to the /goform/AdvSetWrlsafeset endpoint, manipulating the mit_ssid parameter. This manipulation can overwrite critical memory regions on the router's stack, potentially leading to arbitrary code execution. An attacker could leverage this to gain complete control of the router, allowing them to modify configurations, intercept network traffic, launch attacks against other devices on the network, or exfiltrate sensitive data. The availability of a public exploit significantly increases the likelihood of widespread exploitation, particularly targeting vulnerable routers exposed to the internet.
CVE-2026-5988 is currently considered a high-risk vulnerability due to the availability of a public proof-of-concept exploit. It was publicly disclosed on 2026-04-09. While no confirmed exploitation campaigns have been publicly reported, the ease of exploitation and the router's common use in home and small office networks make it a prime target. The vulnerability is not currently listed on CISA KEV, but its severity and public exploit warrant close monitoring.
Exploit Status
EPSS
0.05% (15% percentile)
CISA SSVC
CVSS Vector
The primary mitigation for CVE-2026-5988 is to upgrade the Tenda F451 router to a firmware version that includes a patch for this vulnerability. Check the Tenda support website for updated firmware releases. If an upgrade is not immediately available or causes instability, consider temporarily isolating the router from the internet to prevent remote exploitation. Implementing strict firewall rules to block access to the /goform/AdvSetWrlsafeset endpoint can also provide a temporary layer of protection. Monitor router logs for unusual activity, specifically requests to this endpoint with malformed mit_ssid parameters.
Update the Tenda F451 router firmware to a version corrected by the manufacturer. Consult the Tenda support website for more information on available firmware updates.
Vulnerability analysis and critical alerts directly to your inbox.
CVE-2026-5988 is a critical vulnerability in the Tenda F451 router, allowing remote attackers to trigger a stack-based buffer overflow via manipulation of the mit_ssid parameter, potentially leading to code execution.
If you are using a Tenda F451 router with firmware versions 1.0.0 through 1.0.0.7, you are potentially affected by this vulnerability. Check your router's firmware version and upgrade if a patch is available.
The recommended fix is to upgrade your Tenda F451 router to a firmware version that includes a patch for this vulnerability. Check the Tenda support website for updated firmware releases.
While no confirmed exploitation campaigns have been publicly reported, a public proof-of-concept exploit is available, increasing the risk of exploitation.
Please refer to the Tenda support website for the latest advisories and firmware updates related to CVE-2026-5988.
Upload your dependency file and we'll tell you instantly if this and other CVEs hit you.