CVE-2026-7100

· NIST NVD ↗

A flaw has been found in Tenda F456 1.0.0.5. The impacted element is the function fromNatlimitof of the file /goform/Natlimit of the component httpd. Executing a manipulation can lead to buffer overflow. The attack may be launched remotely. The exploit has been published and may be used.

HIGH
CVSS severity
8.8
CVSS base score
2026-04-27
Published

CWE codes

CWE-119CWE-120

Affected products

tenda:f456_firmwaretenda:f456

Sources