CVE 8.7 HIGH

Tenda F451 httpd GstDhcpSetSer fromGstDhcpSetSer buffer overflow_CVE-2026-6630

April 20, 2026 invoker category_cve

8.7 / 10

HIGH

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P

Description

A vulnerability was found in Tenda F451 1.0.0.0. This issue affects the function fromGstDhcpSetSer of the file /goform/GstDhcpSetSer of the component httpd. Performing a manipulation of the argument dips results in buffer overflow. The attack may be initiated remotely. The exploit has been made public and could be used.

AI Analysis

Buffer overflow in Tenda F451 httpd GstDhcpSetSer fromGstDhcpSetSer function via dips argument manipulation

Basic Information

ID CVE-2026-6630

Source VulDB

Published Apr 20, 2026 at 10:30

Affected Product

Vendor Tenda

Product F451

Version 1.0.0.7_cn_svn7958

Affected Versions Tenda F451 1.0.0.7_cn_svn7958

CWE Classification

CWE-120 CWE-119

AI Assessment

AI Score 8.7 / 10

AI Severity High

Vendor Tenda

Product F451

Version 1.0.0.7_cn_svn7958

References

{
    "lastseen": "",
    "description": "A vulnerability was found in Tenda F451 1.0.0.0. This issue affects the function fromGstDhcpSetSer of the file /goform/GstDhcpSetSer of the component httpd. Performing a manipulation of the argument dips results in buffer overflow. The attack may be initiated remotely. The exploit has been made public and could be used.",
    "published": "2026-04-20T10:30:15.493Z",
    "modified": "2026-04-20T10:30:15.493Z",
    "type": "cve",
    "title": "Tenda F451 httpd GstDhcpSetSer fromGstDhcpSetSer buffer overflow",
    "source": "VulDB",
    "references": "https://vuldb.com/vuln/358264\nhttps://vuldb.com/vuln/358264/cti\nhttps://vuldb.com/submit/792882\nhttps://github.com/Jimi-Lab/cve/issues/23\nhttps://www.tenda.com.cn/",
    "id": "CVE-2026-6630",
    "bulletinFamily": "",
    "cwe": [
        "CWE-120",
        "CWE-119"
    ],
    "cvelist": null,
    "sourceData": "Tenda F451 1.0.0.7_cn_svn7958",
    "sourceHref": "",
    "cvss": {
        "score": 8.7,
        "severity": "HIGH",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "F451",
    "version": "1.0.0.7_cn_svn7958",
    "vendor": "Tenda",
    "ai_description": "Buffer overflow in Tenda F451 httpd GstDhcpSetSer fromGstDhcpSetSer function via dips argument manipulation",
    "ai_severity": "High",
    "ai_vendor": "Tenda",
    "ai_product": "F451",
    "ai_version": "1.0.0.7_cn_svn7958",
    "ai_score": 8.7
}

💭 Join the Security Discussion ❌ Cancel Reply