Security Vulnerabilities
UAF vulnerability in the communication module.
Impact: Successful exploitation of this vulnerability may affect availability.
CVSS Score
7.3
EPSS Score
0.0
Published
2026-04-13
Access control vulnerability in the memo module.
Impact: Successful exploitation of this vulnerability will affect availability and confidentiality.
CVSS Score
4.1
EPSS Score
0.0
Published
2026-04-13
Race condition vulnerability in the event notification module.
Impact: Successful exploitation of this vulnerability may affect availability.
CVSS Score
2.2
EPSS Score
0.0
Published
2026-04-13
Stack overflow vulnerability in the media platform.
Impact: Successful exploitation of this vulnerability may affect availability.
CVSS Score
6.1
EPSS Score
0.0
Published
2026-04-13
Race condition vulnerability in the notification service.
Impact: Successful exploitation of this vulnerability may affect availability.
CVSS Score
1.9
EPSS Score
0.0
Published
2026-04-13
Vulnerability of improper permission control in the theme setting module.
Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVSS Score
6.9
EPSS Score
0.0
Published
2026-04-13
A security vulnerability has been detected in Tenda F451 1.0.0.7_cn_svn7958. Impacted is the function frmL7ImForm of the file /goform/L7Im. The manipulation of the argument page leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed publicly and may be used.
CVSS Score
7.4
EPSS Score
0.0
Published
2026-04-13
A vulnerability was detected in Tenda F451 1.0.0.7_cn_svn7958. The affected element is the function fromAdvSetWan of the file /goform/AdvSetWan. The manipulation of the argument wanmode/PPPOEPassword results in stack-based buffer overflow. It is possible to launch the attack remotely. The exploit is now public and may be used.
CVSS Score
7.4
EPSS Score
0.0
Published
2026-04-13
A weakness has been identified in Tenda F451 1.0.0.7_cn_svn7958. This issue affects the function fromSetIpBind of the file /goform/SetIpBind. Executing a manipulation of the argument page can lead to stack-based buffer overflow. The attack may be performed from remote. The exploit has been made available to the public and could be used for attacks.
CVSS Score
7.4
EPSS Score
0.0
Published
2026-04-13
A vulnerability was identified in Tenda F451 1.0.0.7_cn_svn7958. This affects the function fromSafeUrlFilter of the file /goform/SafeUrlFilter. Such manipulation of the argument page leads to stack-based buffer overflow. The attack can be executed remotely. The exploit is publicly available and might be used.
CVSS Score
7.4
EPSS Score
0.0
Published
2026-04-12