Home / Vulnerability Intelligence / CVE-2026-3377

CVE-2026-3377 - Vulnerability Analysis

HighCVSS: 8.8

Last Updated: March 3, 2026

Tenda F453 - Buffer Overflow

Published: March 1, 2026Updated: March 3, 2026PoC AvailableRemote Exploitable

Overview

Tenda F453 1.0.0.3 contains a buffer overflow caused by manipulation of the "page" argument in /goform/SafeUrlFilter, letting remote attackers cause memory corruption, exploit requires no special privileges.

Severity & Score

Severity: High

CVSS Score: 8.8

EPSS Score: 4.6%(Probability of exploitation in next 30 days)

Impact

Remote attackers can cause memory corruption, potentially leading to denial of service or remote code execution.

Mitigation

Update to the latest version.

References

Social Media Activity(2 posts)

Offensive Sequence

@offseq

Mar 1, 2026

⚠️ CVE-2026-3377 (HIGH): Buffer overflow in Tenda F453 v1.0.0.3 via /goform/SafeUrlFilter. Public exploit available, no patch yet. Restrict device access & monitor traffic. Details: https://radar.offseq.com/threat/cve-2026-3377-buffer-overflow-in-tenda-f453-c140c206 #OffSeq #Vulnerability #Tenda #Infosec

View original post

TheHackerWire

@thehackerwire

Mar 1, 2026

🟠 CVE-2026-3377 - High (8.8) A vulnerability was detected in Tenda F453 1.0.0.3. Affected by this issue is the function fromSafeUrlFilter of the file /goform/SafeUrlFilter. Performing a manipulation of the argument page results in buffer overflow. The attack can be initiated ... 🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-3377/ #CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

View original post

Related Resources

Details

CVE ID: CVE-2026-3377
Severity: High
CVSS Score: 8.8
Type: buffer_overflow
Status: confirmed
EPSS: 4.6%
Social Posts: 2

CWE

CWE-119

CVSS Metrics

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS Score

4.6%Probability of exploitation in the next 30 days