CVE-2026-6123
Published: 12 April 2026
Summary
CVE-2026-6123 is a high-severity Improper Restriction of Operations within the Bounds of a Memory Buffer (CWE-119) vulnerability in the Tenda F451 router (firmware 1.0.0.7). Its CVSS base score is 8.8 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190). The CVE ranks at the 24.1 percentile by exploit likelihood (below the median) and is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-16 (Memory Protection).
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)
SI-2 requires timely remediation of identified flaws like this stack-based buffer overflow in the httpd component, preventing exploitation via firmware patching.
SI-10 enforces validation of inputs such as the 'entrys' argument to block manipulations that trigger the stack-based buffer overflow.
SI-16 implements memory protections like stack canaries and address space layout randomization to mitigate exploitation of stack-based buffer overflows.
MITRE ATT&CK Enterprise Techniques
Why these techniques?
A stack-based buffer overflow in the router's public-facing httpd web interface enables remote arbitrary code execution by an attacker with low privileges, which maps directly to exploitation of a public-facing application.
NVD Description
A vulnerability was found in Tenda F451 1.0.0.7. This affects the function fromAddressNat of the file /goform/addressNat of the component httpd. Performing a manipulation of the argument entrys results in stack-based buffer overflow. Remote exploitation of the attack is possible. The exploit has been made public and could be used.
Deeper analysis
CVE-2026-6123 is a stack-based buffer overflow vulnerability affecting the Tenda F451 router on firmware version 1.0.0.7. The flaw exists in the fromAddressNat function within the /goform/addressNat file of the httpd component, triggered by manipulation of the entrys argument. It is classified under CWE-119 (Improper Restriction of Operations within the Bounds of a Memory Buffer) and CWE-121 (Stack-based Buffer Overflow), with a CVSS v3.1 base score of 8.8 (AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H).
The vulnerability enables remote exploitation over the network by attackers possessing low privileges, requiring low complexity and no user interaction. Successful exploitation can result in high impacts to confidentiality, integrity, and availability, potentially allowing arbitrary code execution on the affected device.
Advisories and additional details are available via references including https://github.com/Jimi-Lab/cve/issues/15, https://vuldb.com/submit/792873, https://vuldb.com/submit/792879, https://vuldb.com/vuln/356986, and https://vuldb.com/vuln/356986/cti. An exploit has been made public and could be used, as noted in the disclosure published on 2026-04-12.
Details
- CWE(s)