Platform
tenda
Component
tenda
Fixed in
1.0.1
CVE-2026-6124 describes a stack-based buffer overflow vulnerability affecting the Tenda F451 router. This flaw allows attackers to potentially execute arbitrary code remotely by manipulating input parameters. The vulnerability impacts versions 1.0.0 through 1.0.0.7 of the router firmware. A patch is expected from Tenda.
Successful exploitation of CVE-2026-6124 could allow an attacker to gain complete control of the affected Tenda F451 router. This includes the ability to modify router configurations, intercept network traffic, and potentially pivot to other devices on the network. The remote nature of the vulnerability significantly expands the attack surface, as no local access is required. Given the router's role as a gateway, a compromised device could be used to launch attacks against internal resources or exfiltrate sensitive data. The publicly disclosed nature of this exploit increases the likelihood of widespread exploitation.
CVE-2026-6124 has been publicly disclosed, indicating a higher probability of exploitation. The availability of a public exploit further increases the risk. As of the current date, there is no indication of active campaigns targeting this vulnerability, but the ease of exploitation suggests it could become a target. The vulnerability has been added to the CISA KEV catalog, signifying a potential risk to critical infrastructure. No specific actor groups have been linked to exploitation.
Exploit Status
EPSS
0.05% (15% percentile)
CISA SSVC
CVSS Vector
The primary mitigation for CVE-2026-6124 is to upgrade the Tenda F451 router to a patched firmware version as soon as it becomes available. Until a patch is released, consider implementing temporary workarounds such as restricting access to the /goform/SafeMacFilter endpoint using a firewall or access control list. Monitor router logs for unusual activity, particularly requests containing manipulated 'page/menufacturer' parameters. While a WAF might offer some protection, its effectiveness depends on the specific rules and configuration. After upgrading, verify the fix by attempting to trigger the vulnerability with a crafted request and confirming that it is no longer exploitable.
Update the Tenda F451 device firmware to a version corrected by the manufacturer. Refer to the official Tenda website or product documentation for instructions on how to update the firmware.
Vulnerability analysis and critical alerts directly to your inbox.
CVE-2026-6124 is a buffer overflow vulnerability in Tenda F451 routers versions 1.0.0–1.0.0.7, allowing remote code execution via manipulation of the 'page/menufacturer' argument.
If you are using a Tenda F451 router running version 1.0.0 through 1.0.0.7, you are potentially affected by this vulnerability.
Upgrade your Tenda F451 router to the latest patched firmware version as soon as it is released by Tenda. Until then, restrict access to the vulnerable endpoint.
While no active campaigns have been confirmed, the vulnerability is publicly disclosed and a public exploit exists, increasing the likelihood of exploitation.
Please refer to the Tenda website or security advisories for the official advisory regarding CVE-2026-6124.
Upload your dependency file and we'll tell you instantly if this and other CVEs hit you.