Vulnerability Overview Vulnerability Name: Tenda F451 1.0.0.7_cn_svn7958 httpd /goform/GstDhcpSetSer fromGstDhcpSetSer dips buffer overflow CVE ID: CVE-2026-6630 CVSS Score: 8.0 (Critical) Vulnerability Type: Buffer Overflow Description: In the httpd component of Tenda F451 1.0.0.7_cn_svn7958, the function contains a buffer overflow vulnerability. This flaw allows an attacker to trigger a buffer overflow by manipulating the parameter, potentially leading to remote code execution. Impact Scope Affected Product: Tenda F451 1.0.0.7_cn_svn7958 Affected Component: httpd /goform/GstDhcpSetSer Impact Level: Critical Attack Vector: Remote Attack Complexity: Low Privileges Required: None User Interaction: None Impact Scope: Confidentiality, Integrity, Availability Remediation Plan Current Status: No known mitigations Recommended Measures: Replace the affected product or use an alternative product Patch Information: No specific patch information provided Additional Information Vulnerability Discovery Date: April 19, 2026 Discoverer: Jxm666 Source: github.com Status: Proof-of-Concept Exploit Code No specific POC code or exploit code is provided on the page. Summary A critical buffer overflow vulnerability (CVE-2026-6630) exists in the httpd component of Tenda F451 1.0.0.7_cn_svn7958. This vulnerability allows remote attackers to trigger a buffer overflow by manipulating the parameter, which may result in remote code execution. Currently, no known mitigations exist; users are advised to replace the affected product or use an alternative product as soon as possible.