Platform: tenda
Component: tenda
Fixed in: 1.0.1
A critical buffer overflow vulnerability (CVE-2026-6133) has been discovered in the Tenda F451 SafeUrlFilter, specifically affecting versions between 1.0.0 and 1.0.0.7cnsvn7958. This flaw resides within the /goform/SafeUrlFilter function and allows remote attackers to trigger a stack-based buffer overflow by manipulating the 'page' argument. A public exploit is already available, increasing the risk of immediate exploitation.
The vulnerability allows a remote attacker to execute arbitrary code on the affected Tenda F451 router. By crafting a malicious request targeting the /goform/SafeUrlFilter endpoint, an attacker can overwrite memory on the stack, potentially gaining control of the device. Successful exploitation could lead to complete system compromise, including data theft, configuration modification, and the use of the router as a pivot point for further attacks within the network. The availability of a public exploit significantly elevates the risk, making it a high-priority concern.
CVE-2026-6133 is publicly known and a proof-of-concept exploit is available, indicating a high probability of exploitation. The vulnerability was disclosed on 2026-04-12. It is not currently listed on CISA KEV, but its public availability warrants close monitoring. Given the ease of exploitation, organizations using the affected Tenda F451 models should prioritize remediation.
EPSS: 0.05% (15% percentile)
The primary mitigation is to upgrade the Tenda F451 firmware to a patched version. Unfortunately, a fixed version is not yet specified in the CVE details. As a temporary workaround, consider implementing strict input validation on the 'page' parameter within the /goform/SafeUrlFilter endpoint, if possible. Network segmentation can limit the potential blast radius of a successful exploit. Monitor router logs for unusual activity or attempts to access the /goform/SafeUrlFilter endpoint. A WAF configured to detect buffer overflow attempts targeting this endpoint could also provide some protection.
Update the firmware of your Tenda F451 device to a patched version to mitigate the risk of buffer overflow. Refer to the official Tenda website or support channels for the latest firmware version.
CVE-2026-6133 is a HIGH severity buffer overflow vulnerability in the Tenda F451 SafeUrlFilter, allowing remote attackers to potentially gain control of the router.
You are affected if you are using a Tenda F451 router running versions 1.0.0–1.0.0.7cnsvn7958.
Upgrade to a patched firmware version. As of this writing, a fixed version is not yet available; monitor Tenda's website for updates.
Yes, a public proof-of-concept exploit is available, indicating a high probability of active exploitation.
Check the Tenda support website for advisories related to CVE-2026-6133: https://www.tenda.com/support