High severity8.8NVD Advisory· Published Apr 13, 2026· Updated Apr 22, 2026

CVE-2026-6196

Description

A vulnerability was detected in Tenda F456 1.0.0.5. This affects the function fromexeCommand of the file /goform/exeCommand. Performing a manipulation of the argument cmdinput results in stack-based buffer overflow. The attack is possible to be carried out remotely. The exploit is now public and may be used.

Affected products

TendaF456/F456inferred
Range: =1.0.0.5

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

github.com/Litengzheng/vuldb_new/blob/main/F456/vul_113/README.mdnvd
vuldb.com/submit/797467nvd
vuldb.com/vuln/357118nvd
vuldb.com/vuln/357118/ctinvd
www.tenda.com.cnnvd

News mentions

No linked articles in our index yet.

cvss	0.572
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000