CVE-2026-3399

Sažetak

A vulnerability was identified in Tenda F453 1.0.0.3. Affected by this vulnerability is the function fromGstDhcpSetSer of the file /goform/GstDhcpSetSer of the component httpd. The manipulation of the argument dips leads to buffer overflow. The attack may be initiated remotely. The exploit is publicly available and might be used.

Reference

https://github.com/Litengzheng/vul_db/blob/main/F453/vul_83/README.md
https://vuldb.com/?ctiid.348294
https://vuldb.com/?id.348294
https://vuldb.com/?submit.759631
https://www.tenda.com.cn/

CVSS

Base:	9.0
Impact:	10.0
Exploitability:	8.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	SINGLE

Impact

Povjerljivost	Cjelovitost	Dostupnost
COMPLETE	COMPLETE	COMPLETE

CVSS vektor

AV:N/AC:L/Au:S/C:C/I:C/A:C

Zadnje važnije ažuriranje

01-03-2026 - 23:16

Objavljeno

01-03-2026 - 23:16