Skip to content
CVSS 8.8 · HIGH

CVE-2026-7031

A vulnerability was detected in Tenda F456 1.0.0.5. This impacts the function fromSafeMacFilter of the file /goform/SafeMacFilter. The manipulation of the argument page results in buffer overflow. It is possible to launch the attack remotely. The exploit is now public and may be used.

View on NVD

Analysis

This is a buffer overflow in the firmware of a specific Tenda router model. The instructions explicitly classify vendor-specific firmware for consumer IoT devices like Tenda routers as not relevant to the MexicoDev stack, which focuses on web/mobile/backend development and server infrastructure.

Severity

Score: 8.8(HIGH)
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
AV: NETWORK
AC: LOW
PR: LOW
UI: NONE
S: UNCHANGED
C: HIGH
I: HIGH
A: HIGH
Weakness (CWE): CWE-119CWE-120

EPSS

Probability of exploitation (next 30 days): 0.0008 (0.1%)
Percentile: 23.2%
EPSS: 2026-05-06

Affects

tenda:f456_firmwaretenda:f456

Technical description

A vulnerability was detected in Tenda F456 1.0.0.5. This impacts the function fromSafeMacFilter of the file /goform/SafeMacFilter. The manipulation of the argument page results in buffer overflow. It is possible to launch the attack remotely. The exploit is now public and may be used.

Published: 4/26/2026, 10:16:02 AM
Last modified: 4/29/2026, 6:29:13 PM

References

HomeEventsBlogResourcesTeam