Home / Vulnerability Intelligence / CVE-2026-3398

CVE-2026-3398 - Vulnerability Analysis

HighCVSS: 8.8

Last Updated: March 1, 2026

Tenda F453 - Buffer Overflow

Published: March 1, 2026Updated: March 1, 2026Remote Exploitable

Overview

Tenda F453 1.0.0.3 contains a buffer overflow caused by manipulation of the wanmode/PPPOEPassword argument in /goform/AdvSetWan httpd component, letting remote attackers cause memory corruption, exploit requires crafted request.

Severity & Score

Severity: High

CVSS Score: 8.8

Impact

Remote attackers can cause memory corruption leading to potential remote code execution or system crash.

Mitigation

Update to the latest version or apply vendor patches addressing this vulnerability.

References

https://vuldb.com/?submit.759630
https://www.tenda.com.cn/
https://github.com/Litengzheng/vul_db/blob/main/F453/vul_82/README.md
https://vuldb.com/?ctiid.348293
https://vuldb.com/?id.348293

Related Resources

Vulnerability Intelligence Dashboard
Credential Scanner

Details

CVE ID: CVE-2026-3398
Severity: High
CVSS Score: 8.8
Type: buffer_overflow
Status: new

CWE

CWE-119

CVSS Metrics

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H