Description
A vulnerability was found in Tenda F456 1.0.0.5. Impacted is the function fromqossetting of the file /goform/qossetting. The manipulation of the argument page results in stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been made public and could be used.
Published: 2026-04-13
Score: 8.7 High
EPSS: < 1% Very Low
KEV: No
Impact: Remote Code Execution
Action: Immediate Patch
AI Analysis

Impact

A stack-based buffer overflow exists in the qossetting feature of Tenda F456 router firmware 1.0.0.5. The flaw occurs when the 'page' argument to the fromqossetting function in /goform/qossetting is processed, allowing an adversary to place crafted input that overruns a local stack buffer. Successful exploitation can lead to arbitrary code execution on the device, compromising confidentiality, integrity, and availability of the network.

Affected Systems

The vulnerability impacts the Tenda F456 router product, version 1.0.0.5. Only devices running this specific firmware build contain the flaw. No other Tenda products or versions are indicated as affected in the available data.

Risk and Exploitability

This flaw carries a CVSS score of 8.7, classifying it as high severity. The EPSS data is not available, and the vulnerability is not listed in the CISA KEV catalogue, so the exact likelihood of exploitation in the wild cannot be quantified from the data. The description confirms that the exploit is remote, and public proof‑of‑concept code has been published, implying that an attacker can trigger the buffer overflow from outside the network by accessing the /goform/qossetting endpoint. The lack of a public patch means that systems remain exposed until an official firmware update is applied.

Generated by OpenCVE AI on April 13, 2026 at 21:35 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Acquire and install the latest firmware version from Tenda that does not include the vulnerable function.
  • If a patch is not yet released, restrict external access to the /goform/qossetting interface by configuring the router’s firewall or ACL settings to allow only trusted internal devices.
  • Monitor the router’s logs for anomalous access attempts to the qossetting API and investigate any suspicious activity.
  • Reach out to Tenda support for an update schedule or an interim advisory.

Advisories

No advisories yet.

History

Tue, 14 Apr 2026 16:30:00 +0000

| Type | Values Removed | Values Added |
| --- | --- | --- |
| First Time appeared | | Tenda; Tenda f456 |
| Vendors & Products | | Tenda; Tenda f456 |

Mon, 13 Apr 2026 20:30:00 +0000

| Type | Values Removed | Values Added |
| --- | --- | --- |
| Metrics | | ssvc: {'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'total'}, 'version': '2.0.3'} |


Mon, 13 Apr 2026 19:00:00 +0000

| Type | Values Removed | Values Added |
| --- | --- | --- |
| Description | | A vulnerability was found in Tenda F456 1.0.0.5. Impacted is the function fromqossetting of the file /goform/qossetting. The manipulation of the argument page results in stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been made public and could be used. |
| Title | | Tenda F456 qossetting fromqossetting stack-based overflow |
| Weaknesses | | CWE-119; CWE-121 |
| References | | |
| Metrics | | cvssV2_0: {'score': 9, 'vector': 'AV:N/AC:L/Au:S/C:C/I:C/A:C/E:POC/RL:ND/RC:UR'} |
| Metrics | | cvssV3_0: {'score': 8.8, 'vector': 'CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R'} |
| Metrics | | cvssV3_1: {'score': 8.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R'} |
| Metrics | | cvssV4_0: {'score': 8.7, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P'} |


MITRE

Status: PUBLISHED

Assigner: VulDB

Published:

Updated: 2026-04-13T19:15:45.497Z

Reserved: 2026-04-13T08:48:15.082Z

Link: CVE-2026-6199

Vulnrichment

Updated: 2026-04-13T19:15:40.952Z

NVD

Status: Received

Published: 2026-04-13T19:16:58.033

Modified: 2026-04-13T19:16:58.033

Link: CVE-2026-6199

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-14T16:33:34Z

Weaknesses