CVE 8.7 HIGH

Tenda F456 httpd VirtualSer fromVirtualSer buffer overflow_CVE-2026-7055

April 26, 2026 invoker category_cve

8.7 / 10

HIGH

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P

Description

A security vulnerability has been detected in Tenda F456 1.0.0.5. This issue affects the function fromVirtualSer of the file /goform/VirtualSer of the component httpd. The manipulation of the argument menufacturer/Go leads to buffer overflow. The attack is possible to be carried out remotely. The exploit has been disclosed publicly and may be used.

AI Analysis

Buffer overflow vulnerability in Tenda F456 httpd VirtualSer fromVirtualSer function, allowing remote attacks.

Basic Information

ID CVE-2026-7055

Source VulDB

Published Apr 26, 2026 at 18:00

Affected Product

Vendor Tenda

Product F456

Version 1.0.0.5

Affected Versions Tenda F456 1.0.0.5

CWE Classification

CWE-120 CWE-119

AI Assessment

AI Score 8.7 / 10

AI Severity High

Vendor Tenda

Product F456

Version 1.0.0.5

References

{
    "lastseen": "",
    "description": "A security vulnerability has been detected in Tenda F456 1.0.0.5. This issue affects the function fromVirtualSer of the file /goform/VirtualSer of the component httpd. The manipulation of the argument menufacturer/Go leads to buffer overflow. The attack is possible to be carried out remotely. The exploit has been disclosed publicly and may be used.",
    "published": "2026-04-26T18:00:19.074Z",
    "modified": "2026-04-26T18:00:19.074Z",
    "type": "cve",
    "title": "Tenda F456 httpd VirtualSer fromVirtualSer buffer overflow",
    "source": "VulDB",
    "references": "https://vuldb.com/vuln/359628\nhttps://vuldb.com/vuln/359628/cti\nhttps://vuldb.com/submit/798457\nhttps://github.com/Litengzheng/vuldb_new/blob/main/F456/vul_126/README.md\nhttps://www.tenda.com.cn/",
    "id": "CVE-2026-7055",
    "bulletinFamily": "",
    "cwe": [
        "CWE-120",
        "CWE-119"
    ],
    "cvelist": null,
    "sourceData": "Tenda F456 1.0.0.5",
    "sourceHref": "",
    "cvss": {
        "score": 8.7,
        "severity": "HIGH",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "F456",
    "version": "1.0.0.5",
    "vendor": "Tenda",
    "ai_description": "Buffer overflow vulnerability in Tenda F456 httpd VirtualSer fromVirtualSer function, allowing remote attacks.",
    "ai_severity": "High",
    "ai_vendor": "Tenda",
    "ai_product": "F456",
    "ai_version": "1.0.0.5",
    "ai_score": 8.7
}

💭 Join the Security Discussion ❌ Cancel Reply