CVE-2026-3168Improper Restriction of Operations within the Bounds of a Memory Buffer in F453

CWE-119Improper Restriction of Operations within the Bounds of a Memory BufferCWE-120Classic Buffer Overflow3 documents3 sources
Severity
7.4HIGHNVD
EPSS
0.1%
top 74.24%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Tenda F453Tenda F453 Firmware
Timeline
PublishedFeb 25

Description

A weakness has been identified in Tenda F453 1.0.0.3. This affects the function fromNatStaticSetting of the file /goform/NatStaticSetting of the component httpd. Executing a manipulation of the argument page can lead to buffer overflow. The attack may be launched remotely. The exploit has been made available to the public and could be used for attacks.

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Affected Packages2 packages

CVEListV5tenda/f4531.0.0.3
NVDtenda/f453_firmware1.0.0.3

🔴Vulnerability Details

2
GHSA
GHSA-cf59-33h4-g872: A weakness has been identified in Tenda F453 12026-02-25
CVEList
Tenda F453 httpd NatStaticSetting fromNatStaticSetting buffer overflow2026-02-25
CVE-2026-3168 — Tenda F453 vulnerability | cvebase