Home / Vulnerability Intelligence / CVE-2026-3726

CVE-2026-3726 - Vulnerability Analysis

HighCVSS: 8.8

Last Updated: March 9, 2026

Tenda F453 - Buffer Overflow

Published: March 8, 2026Updated: March 9, 2026PoC AvailableRemote Exploitable

Overview

Tenda F453 1.0.0.3 contains a stack-based buffer overflow caused by manipulation of the "page" argument in /goform/webExcptypemanFilter, letting remote attackers execute arbitrary code, exploit requires no special privileges.

Severity & Score

Severity: High

CVSS Score: 8.8

EPSS Score: 4.6%(Probability of exploitation in next 30 days)

Impact

Remote attackers can execute arbitrary code, potentially leading to full system compromise.

Mitigation

Update to the latest version.

References

Social Media Activity(2 posts)

Offensive Sequence

@offseq

Mar 8, 2026

🚨 CVE-2026-3726 (HIGH, CVSS 8.7) in Tenda F453 (v1.0.0.3): Stack buffer overflow in /goform/webExcptypemanFilter enables remote, unauthenticated code execution. Public exploit code raises risk — restrict access & monitor now! https://radar.offseq.com/threat/cve-2026-3726-stack-based-buffer-overflow-in-tenda-6f0be4bc #OffSeq #Vuln #Infosec

View original post

TheHackerWire

@thehackerwire

Mar 8, 2026

🟠 CVE-2026-3726 - High (8.8) A vulnerability has been found in Tenda F453 1.0.0.3. This affects the function fromwebExcptypemanFilter of the file /goform/webExcptypemanFilter. The manipulation of the argument page leads to stack-based buffer overflow. The attack may be initia... 🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-3726/ #CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

View original post

Related Resources

Details

CVE ID: CVE-2026-3726
Severity: High
CVSS Score: 8.8
Type: buffer_overflow
Status: confirmed
EPSS: 4.6%
Social Posts: 2

CWE

CWE-119

CVSS Metrics

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS Score

4.6%Probability of exploitation in the next 30 days