HIGHVulnerability
Verified
Global

NVD HIGH: CVE-2026-6121 — A flaw has been found in Tenda F451 1.0.0.7. Affected by this vulnerability is t...

·Source: NIST NVD

Updated:

Executive Summary

A flaw has been found in Tenda F451 1.0.0.7. Affected by this vulnerability is the function WrlclientSet of the file /goform/WrlclientSet of the component httpd. This manipulation of the argument GO causes stack-based buffer overflow. The attack may be initiated remotely. The exploit has been published and may be used.

Analysis

A flaw has been found in Tenda F451 1.0.0.7. Affected by this vulnerability is the function WrlclientSet of the file /goform/WrlclientSet of the component httpd. This manipulation of the argument GO causes stack-based buffer overflow. The attack may be initiated remotely. The exploit has been published and may be used. CVSS Score: 8.8. Published: 2026-04-12T08:16:36.467.

Indicators of Compromise (2)

CVE (1)
CVE-2026-6121
NVDMITRE CVE
Source Attribution

Originally published by NIST NVD on Apr 12, 2026. Verified by: NIST.

Related Threats

CRITICALVulnerability

NVD CRITICAL: CVE-2024-58349 — WordPress Theme Travelscape 1.0.3 contains an arbitrary file upload vulnerabilit...

WordPress Theme Travelscape 1.0.3 contains an arbitrary file upload vulnerability that allows unauthenticated attackers to upload malicious files by exploiting insufficient validation in the theme's upload functionality. Attackers can upload arbitrary files to the theme directory and execute them to achieve remote code execution on the affected WordPress installation.

CVE-2024-58349
NIST NVD
CRITICALVulnerability

NVD CRITICAL: CVE-2024-58348 — WordPress Background Image Cropper version 1.2 contains a remote code execution ...

WordPress Background Image Cropper version 1.2 contains a remote code execution vulnerability that allows unauthenticated attackers to upload arbitrary files by accessing the ups.php endpoint. Attackers can upload PHP files through the file upload form in the plugin directory to execute arbitrary code on the server.

CVE-2024-58348
NIST NVD
CRITICALVulnerability

NVD CRITICAL: CVE-2023-54352 — WordPress Seotheme contains a remote code execution vulnerability that allows un...

WordPress Seotheme contains a remote code execution vulnerability that allows unauthenticated attackers to execute arbitrary PHP code by uploading malicious files to the theme directory. Attackers can access the uploaded PHP shell at /wp-content/themes/seotheme/mar.php to execute system commands and upload additional files for persistent access.

CVE-2023-54352
NIST NVD