Platform
tenda
Component
tenda
Fixed in
1.0.1
CVE-2026-6123 describes a critical vulnerability affecting the Tenda F451 router. This flaw, a stack-based buffer overflow, resides within the fromAddressNat function accessible via the /goform/addressNat endpoint. Successful exploitation allows for remote code execution, potentially granting an attacker complete control over the device. This vulnerability impacts Tenda F451 versions 1.0.0 through 1.0.0.7, and a public exploit is already available.
The stack-based buffer overflow vulnerability in Tenda F451 allows an attacker to overwrite critical memory regions, leading to arbitrary code execution. This means an attacker could potentially gain full control of the router, including the ability to modify configurations, intercept network traffic, and launch attacks against other devices on the network. Given the public availability of an exploit, the risk of exploitation is high. Compromise of the router could also lead to data exfiltration, including sensitive user credentials and network configurations. The blast radius extends to all devices connected to the affected router.
CVE-2026-6123 has been publicly disclosed and a proof-of-concept exploit is available, indicating a high probability of exploitation. The vulnerability was published on 2026-04-12. It is not currently listed on CISA KEV, but the public exploit significantly increases the risk of active exploitation campaigns targeting vulnerable Tenda F451 routers.
Exploit Status
EPSS
0.09% (26% percentile)
CISA SSVC
CVSS Vector
The primary mitigation for CVE-2026-6123 is to upgrade the Tenda F451 firmware to a patched version. Unfortunately, a fixed version is not currently specified. As a temporary workaround, consider implementing strict firewall rules to restrict access to the /goform/addressNat endpoint from untrusted sources. Web Application Firewall (WAF) rules can be configured to detect and block malicious requests targeting this endpoint. Monitor router logs for unusual activity or attempts to exploit the vulnerability. If upgrading is not immediately possible, consider isolating the affected router from critical network segments to limit potential damage.
Update the Tenda F451 device firmware to a version corrected by the manufacturer. Refer to the official Tenda website or product documentation for update instructions and the latest firmware version.
Vulnerability analysis and critical alerts directly to your inbox.
CVE-2026-6123 is a HIGH severity buffer overflow vulnerability in Tenda F451 routers, allowing remote code execution through manipulation of the fromAddressNat function.
If you are using a Tenda F451 router running versions 1.0.0 through 1.0.0.7, you are potentially affected by this vulnerability.
Upgrade to a patched firmware version. As no fixed version is currently available, implement temporary workarounds like firewall restrictions and WAF rules.
Due to the public availability of an exploit, there is a high probability of active exploitation targeting vulnerable Tenda F451 routers.
Please refer to Tenda's official website or security advisory channels for updates and information regarding CVE-2026-6123.
Upload your dependency file and we'll tell you instantly if this and other CVEs hit you.