CVE-2026-3376
Published: 28 February 2026
Summary
CVE-2026-3376 is a high-severity Improper Restriction of Operations within the Bounds of a Memory Buffer (CWE-119) vulnerability in Tenda F453 Firmware. Its CVSS base score is 8.8 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190). The CVE ranks at the 14.5th percentile by exploit likelihood (below the median) and is not currently listed in the CISA KEV catalog. A public proof-of-concept is referenced.
The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-16 (Memory Protection).
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)
Implements input validation mechanisms to prevent buffer overflows triggered by manipulated arguments like 'page' in the fromSafeMacFilter function.
Requires timely identification, reporting, and correction of flaws such as this buffer overflow vulnerability in Tenda F453 firmware.
Deploys memory protections like ASLR and DEP to mitigate exploitation of buffer overflows for arbitrary code execution or denial of service.
MITRE ATT&CK Enterprise Techniques
Why these techniques?
The buffer overflow in the public web interface (/goform/SafeMacFilter) of a network device directly enables remote exploitation of a public-facing application (T1190). The low-privilege requirement combined with full C/I/A impact indicates use for privilege escalation via arbitrary code execution (T1068).
NVD Description
A security vulnerability has been detected in Tenda F453 1.0.0.3. Affected by this vulnerability is the function fromSafeMacFilter of the file /goform/SafeMacFilter. Such manipulation of the argument page leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed publicly and may be used.
Deeper analysis
CVE-2026-3376 is a buffer overflow vulnerability (CWE-119, CWE-120) in Tenda F453 firmware version 1.0.0.3. The flaw affects the fromSafeMacFilter function in the /goform/SafeMacFilter file, where manipulation of the "page" argument triggers the overflow. Published on 2026-02-28, it carries a CVSS v3.1 base score of 8.8 (AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H), indicating high severity.
Attackers can exploit this remotely over the network with low complexity and low privileges, and no user interaction is required. Successful exploitation has a high impact on confidentiality, integrity, and availability, potentially allowing arbitrary code execution or denial of service. The exploit has been publicly disclosed and may be used, as detailed in available proof-of-concept materials.
Advisories from VulDB (vuldb.com/?ctiid.348261, vuldb.com/?id.348261, vuldb.com/?submit.759623) and a GitHub repository (github.com/Litengzheng/vul_db/blob/main/F453/vul_76/README.md) provide further technical details. The vendor's website (tenda.com.cn) is referenced for potential patches or mitigation guidance.
Details
- CWE(s)