CVE-2026-6196 - Vulnerability Details

- Tenda F456 exeCommand fromexeCommand stack-based overflow

Description

A vulnerability was detected in Tenda F456 1.0.0.5. This affects the function fromexeCommand of the file /goform/exeCommand. Performing a manipulation of the argument cmdinput results in stack-based buffer overflow. The attack is possible to be carried out remotely. The exploit is now public and may be used.

Published: 2026-04-13

Score: 8.7 High

EPSS: < 1% Very Low

KEV: No

Impact:

Action:

Analysis

Impact

A stack‑based buffer overflow exists in the fromexeCommand function of the Tenda F456 router. When the cmdinput parameter of the /goform/exeCommand endpoint is crafted, the overflow can modify control flow, leading to arbitrary code execution. The vulnerability maps to CWE‑119 (Buffer Overflow) and CWE‑121 (Stack‑Based Buffer Overflow), confirming that the flaw directly exploits stack corruption. If successfully exploited, an attacker could gain complete control of the router, compromising network security and potentially affecting all devices connected to it.

Affected Systems

The only explicitly vulnerable configuration is the Tenda F456 router running firmware 1.0.0.5. No other firmware versions are listed as affected, so the scope is limited to this specific release unless further updates indicate otherwise.

Risk and Exploitability

The CVSS base score of 8.7 places the issue in the High severity range, and the publicly available exploit confirms that the vulnerability can be triggered remotely. EPSS data is not available, so the precise likelihood is unknown, but the remote attack vector makes it readily exploitable by adversaries with network access. The vulnerability is not listed in the CISA KEV catalog, so it is up to each organization to assess its impact based on exposure to this router model.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

Tenda

F456

affected

Version	Status	Constraints
`1.0.0.5`	affected	—

No data.

Vendor Product Confidence Versions

Tenda

F456

100%

Version	Status	Scheme	Platform
`1.0.0.5`	affected	generic	—

Found an issue or want to improve our Enrichment? You can suggest it directly by opening an issue on our dedicated GitHub repository .

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

Apply the vendor‑supplied firmware update that patches the stack overflow.
If a patch is not yet available, isolate the router from external networks or disable remote access to the /goform/exeCommand endpoint.
Monitor router logs for abnormal command activity or signs of exploitation attempts.
Regularly check the manufacturer’s website for firmware releases and apply updates promptly.

Generated by OpenCVE AI on April 13, 2026 at 19:51 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Attack Requirements None

User Interaction None

Vulnerable System Confidentiality Impact High

Vulnerable System Integrity Impact High

Vulnerable System Availability Impact High

Subsequent System Confidentiality Impact None

Subsequent System Integrity Impact None

Subsequent System Availability Impact None

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Access Vector Network

Access Complexity Low

Authentication Single

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

This CVE is not in the KEV list.

The EPSS score is 0.00048.

Exploitation poc

Automatable no

Technical Impact partial

References

Link	Providers
https://github.com/Litengzheng/vuldb_new/blob/main/F456/vul_113/README.md
https://vuldb.com/submit/797467
https://vuldb.com/vuln/357118
https://vuldb.com/vuln/357118/cti
https://www.tenda.com.cn/

History

Thu, 16 Apr 2026 14:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Tue, 14 Apr 2026 16:30:00 +0000

Type	Values Removed	Values Added
First Time appeared		Tenda Tenda f456
Vendors & Products		Tenda Tenda f456

Mon, 13 Apr 2026 18:00:00 +0000

Type	Values Removed	Values Added
Description		A vulnerability was detected in Tenda F456 1.0.0.5. This affects the function fromexeCommand of the file /goform/exeCommand. Performing a manipulation of the argument cmdinput results in stack-based buffer overflow. The attack is possible to be carried out remotely. The exploit is now public and may be used.
Title		Tenda F456 exeCommand fromexeCommand stack-based overflow
Weaknesses		CWE-119 CWE-121
References		https://github.com/Litengzheng/vuldb_new/blob/main/F456/vul_113/README.md https://vuldb.com/submit/797467 https://vuldb.com/vuln/357118 https://vuldb.com/vuln/357118/cti https://www.tenda.com.cn/
Metrics		cvssV2_0 `{'score': 9, 'vector': 'AV:N/AC:L/Au:S/C:C/I:C/A:C/E:POC/RL:ND/RC:UR'}` cvssV3_0 `{'score': 8.8, 'vector': 'CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R'}` cvssV3_1 `{'score': 8.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R'}` cvssV4_0 `{'score': 8.7, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P'}`

Subscriptions

Tenda F456

MITRE

Status: PUBLISHED

Assigner: VulDB

Published: 2026-04-13T17:45:13.583Z

Updated: 2026-04-16T13:26:41.460Z

Reserved: 2026-04-13T08:48:04.548Z

Link: CVE-2026-6196

Vulnrichment

Updated: 2026-04-16T13:26:30.204Z

NVD

Status : Deferred

Published: 2026-04-13T18:16:32.560

Modified: 2026-04-22T20:23:16.350

Link: CVE-2026-6196

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-14T16:33:46Z

Weaknesses

Impact

Affected Systems

Risk and Exploitability

Tracking

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Attack Requirements None

User Interaction None

Vulnerable System Confidentiality Impact High

Vulnerable System Integrity Impact High

Vulnerable System Availability Impact High

Subsequent System Confidentiality Impact None

Subsequent System Integrity Impact None

Subsequent System Availability Impact None

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Access Vector Network

Access Complexity Low

Authentication Single

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

Exploitation poc

Automatable no

Technical Impact partial

Subscriptions

JSON object

JSON object

JSON object

JSON object

JSON object