HIGHVulnerability
Verified
Global

NVD HIGH: CVE-2026-5021 — A flaw has been found in Tenda F453 1.0.0.3. This affects the function fromPPTPU...

Sunday, March 29, 2026 at 02:16 AM UTC·Source: NIST NVD

Updated: Friday, April 3, 2026 at 09:52 PM UTC

Executive Summary

A flaw has been found in Tenda F453 1.0.0.3. This affects the function fromPPTPUserSetting of the file /goform/PPTPUserSetting of the component httpd. This manipulation of the argument delno causes stack-based buffer overflow. Remote exploitation of the attack is possible. The exploit has been published and may be used.

Analysis

A flaw has been found in Tenda F453 1.0.0.3. This affects the function fromPPTPUserSetting of the file /goform/PPTPUserSetting of the component httpd. This manipulation of the argument delno causes stack-based buffer overflow. Remote exploitation of the attack is possible. The exploit has been published and may be used. CVSS Score: 8.8. Published: 2026-03-29T02:16:17.377.

Indicators of Compromise (2)

CVE (1)
CVE-2026-5021
NVDMITRE CVE
Source Attribution

Originally published by NIST NVD on Mar 29, 2026. Verified by: NIST.

Related Threats

MEDIUMVulnerability

Inconsistent Privacy Labels Don't Tell Users What They Are Getting

Data privacy labels are a great idea for mobile apps, but the current versions just aren't good enough.

Dark Reading
MEDIUMVulnerability

LinkedIn secretely scans for 6,000+ Chrome extensions, collects data

A new report dubbed "BrowserGate" warns that Microsoft's LinkedIn is using hidden JavaScript scripts on its website to scan visitors' browsers for installed extensions and collect device data. [...]

BleepingComputer
MEDIUMVulnerability

FCC proposes $4.5 million fine for voice service provider hosting ‘suspicious’ foreign call traffic

Voxbeam’s actions allegedly led to “financial impersonation robocalls” that were made to American consumers “ using “non-compliant and long dormant accounts,” the FCC said.

The Record