ГлавнаяУязвимости → CVE-2026-7054
8.8высокая

CVE-2026-7054

Описание

A weakness has been identified in Tenda F456 1.0.0.5. This vulnerability affects the function fromPptpUserAdd of the file /goform/PPTPDClient of the component httpd. Executing a manipulation of the argument opttype/usernamewith can lead to buffer overflow. The attack can be executed remotely. The exploit has been made available to the public and could be used for attacks.

Затрагиваемое ПО
Tenda F456 firmwareTenda F456
CVSS
Балл8.8 — высокая
ВекторCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Источники
https://github.com/Litengzheng/vuldb_new/blob/main/F456/vul_125/README.mdhttps://vuldb.com/submit/798456https://vuldb.com/vuln/359627https://vuldb.com/vuln/359627/ctihttps://www.tenda.com.cn/