Vulnerability Overview Vulnerability Name: Tenda F451 1.0.0.7_cn_svn7958 httpd webExcTypemanFilter page buffer overflow CVE ID: CVE-2026-6631 CVSS Score: 8.0 (Critical) Description: This vulnerability exists in the httpd component of the Tenda F451 router, specifically in the function. An attacker can trigger a buffer overflow by manipulating the parameter, thereby achieving remote code execution. Impact Scope Affected Product: Tenda F451 Affected Version: 1.0.0.7_cn_svn7958 Vulnerability Type: Buffer overflow Exploitation Method: Remote exploitation Impact: Confidentiality, integrity, and availability are all affected Remediation Plan Current Status: No known mitigations Recommendation: Replace the affected product or use an alternative product POC Code / Exploit Code No specific POC code or exploit code is provided on the page, but it mentions that an exploit is available on github.com and is declared as proof-of-concept. Additional Information CVSS Score Details: - CVSSv4: 8.0 - CVSSv3: 8.0 - CVSSv2: 8.0 CPE Information: - CPE 2.3: cpe:/o:router:operating_system - CPE 2.2: cpe:/o:router:operating_system Vulnerability Sources: - Vendor: tenda.com.cn - Advisory: github.com - CVE: CVE-2026-6631 - GCVE: GCVE-002026-6631 - scip Labs: https://www.scip.ch/en/?ids=20161013 Timeline: - Advisory Disclosed: 04/19/2026 - VulDB Entry Created: 04/19/2026 - VulDB Entry Last Update: 04/19/2026 Entry Information: - Created: 04/19/2026 07:11 PM - Changes: 04/19/2026 07:11 PM (58) - Submitter: jimi666 - Cache ID: 5:Bf4:109 Submit Information: - Accepted: Submit #792904: Tenda F451_kfw_V1.0.0.7_cn_svn7958 V1.0.0.7 Buffer Overflow (by jimi666) Discussion: - Comments: No comments yet - Languages: en Splunk App: - Download: Download it now for free! Footer: - Copyright: © 1997-2026 vuldb.com - Links: de · en · fr · it · pt · zh · ja · ko · ru · ar · show more - Pool: USA20.2.2