Platform
tenda
Component
tenda
Fixed in
1.0.1
A critical vulnerability, CVE-2026-6120, has been identified in the Tenda F451 router, specifically affecting firmware versions 1.0.0 through 1.0.0.7. This vulnerability is a stack-based buffer overflow that can be exploited remotely. Successful exploitation could lead to a denial of service or potentially arbitrary code execution, compromising the router and any connected devices. A public exploit is now available, indicating an elevated risk.
The vulnerability lies within the /goform/DhcpListClient file, specifically in the fromDhcpListClient function. By manipulating the page argument, an attacker can trigger a buffer overflow, overwriting memory on the stack. This can lead to a denial-of-service condition, crashing the router and disrupting network connectivity. More concerningly, a successful buffer overflow could allow an attacker to execute arbitrary code on the router, gaining complete control over the device. This could be used to intercept network traffic, modify router configurations, or launch further attacks against other devices on the network. The existence of a public exploit significantly increases the likelihood of exploitation.
CVE-2026-6120 is currently considered a high-risk vulnerability due to the availability of a public exploit. While it's not yet listed on CISA KEV, the public exploit suggests a medium to high probability of exploitation in the wild. The vulnerability was publicly disclosed on 2026-04-12. Monitor security advisories from Tenda and security research communities for updates and potential exploitation campaigns.
Exploit Status
EPSS
0.05% (15% percentile)
CISA SSVC
CVSS Vector
The primary mitigation for CVE-2026-6120 is to upgrade the Tenda F451 router to a firmware version that addresses this vulnerability. Unfortunately, a fixed firmware version is not currently specified. Until a patch is released, consider implementing temporary workarounds to reduce the attack surface. These might include restricting access to the router's web interface from untrusted networks, enabling a firewall to block suspicious traffic, and monitoring router logs for unusual activity. If a rollback to a previous, more secure firmware version is possible, that could also be considered. After applying any mitigation, verify its effectiveness by attempting to trigger the vulnerability (if safe to do so in a test environment) or by reviewing router logs for any signs of exploitation attempts.
Update the firmware of the Tenda F451 device to a version corrected by the manufacturer. Refer to the official Tenda website or product documentation for instructions on how to update the firmware.
Vulnerability analysis and critical alerts directly to your inbox.
CVE-2026-6120 is a buffer overflow vulnerability in the Tenda F451 router, allowing remote attackers to potentially crash the device or execute code.
If you are using a Tenda F451 router with firmware versions 1.0.0–1.0.0.7, you are potentially affected by this vulnerability.
Upgrade your Tenda F451 router to a patched firmware version. Check Tenda's website for updates, as a specific fixed version is not yet available.
A public exploit exists, indicating a medium to high probability of active exploitation.
Check the Tenda website's security advisories section for updates regarding CVE-2026-6120.
Upload your dependency file and we'll tell you instantly if this and other CVEs hit you.