Platform
tenda
Component
tenda
Fixed in
1.0.1
CVE-2026-6122 describes a stack-based buffer overflow vulnerability discovered in the Tenda F451 router, specifically within the /goform/L7Prot endpoint. Successful exploitation could lead to denial of service or, in a worst-case scenario, arbitrary code execution. This vulnerability affects versions 1.0.0 through 1.0.0.7 and has been publicly disclosed, increasing the risk of immediate exploitation.
The stack-based buffer overflow in Tenda F451 allows a remote attacker to send a specially crafted HTTP request to the /goform/L7Prot endpoint, overwriting portions of the router's memory. This can lead to a denial-of-service condition, rendering the router unresponsive. More critically, an attacker could potentially overwrite critical program code, gaining arbitrary code execution on the device. Given the router's role in network connectivity, a successful exploit could provide a foothold for further attacks within the internal network, potentially leading to data breaches and compromise of connected devices. The public disclosure of this vulnerability significantly increases the likelihood of exploitation attempts.
CVE-2026-6122 has been publicly disclosed, indicating a higher probability of exploitation. While no specific exploit details beyond the vulnerability type have been publicly released, the availability of information increases the risk of attackers developing and deploying exploits. The vulnerability is currently not listed on CISA KEV, but its severity and public disclosure warrant close monitoring. Public proof-of-concept code is not yet available, but the vulnerability's nature suggests that it could be relatively straightforward to exploit.
Exploit Status
EPSS
0.05% (15% percentile)
CISA SSVC
CVSS Vector
The primary mitigation for CVE-2026-6122 is to upgrade the Tenda F451 firmware to a patched version as soon as it becomes available from Tenda. Until a patch is available, implement temporary workarounds to reduce the attack surface. These include deploying a Web Application Firewall (WAF) to filter malicious requests targeting the /goform/L7Prot endpoint. Network segmentation can also limit the potential impact of a successful exploit by isolating the router from sensitive internal resources. Monitor router logs for unusual activity, particularly HTTP requests containing unexpected or excessively long parameters. Consider disabling the /goform/L7Prot endpoint if it is not essential for router functionality.
Update the firmware of your Tenda F451 device to a patched version. Refer to the official Tenda website or product documentation for instructions on how to update the firmware. The vulnerability is a stack buffer overflow, so updating the firmware is the most effective solution to mitigate the risk.
Vulnerability analysis and critical alerts directly to your inbox.
CVE-2026-6122 is a HIGH severity stack-based buffer overflow vulnerability affecting the /goform/L7Prot endpoint of Tenda F451 routers, potentially allowing remote code execution.
If you are using a Tenda F451 router running versions 1.0.0 through 1.0.0.7, you are potentially affected by this vulnerability.
Upgrade your Tenda F451 router to the latest available firmware version from Tenda. Until a patch is available, implement WAF rules and network segmentation.
While no confirmed exploitation is currently public, the vulnerability has been disclosed, increasing the risk of exploitation attempts.
Refer to the Tenda website or their security advisory page for updates and official information regarding CVE-2026-6122.
Upload your dependency file and we'll tell you instantly if this and other CVEs hit you.