Volerion logoVolerion
Volerion logoVolerion

Tenda FH451 Stack-Based Buffer Overflow Vulnerability in AdvSetWan Function

Vulnerability

A stack-based buffer overflow vulnerability has been identified in the Tenda FH451 router, specifically in version 1.0.0.9. The issue arises in the function 'sub_3C434' within the file '/goform/AdvSetWan'. The vulnerability is triggered by manipulating the 'wanmode' and 'PPPOEPassword' parameters. When 'wanmode' is set to 2, the lack of length validation allows for a buffer overflow, which can be exploited remotely. This vulnerability has been publicly disclosed and is associated with the CVE identifier CVE-2026-3678.

Impact

Exploitation of this vulnerability leads to a stack-based buffer overflow, which can commonly result in arbitrary code execution or causing a denial-of-service condition.

Reproduction

To reproduce this vulnerability, send a POST request to '/goform/AdvSetWan' with the 'wanmode' parameter set to 2 and the 'PPPOEPassword' parameter filled with a long string. The absence of length checks will cause the stack-based buffer overflow.

Added: Mar 7, 2026, 11:19 PM
Updated: Mar 7, 2026, 11:19 PM

Vulnerability Rating

Custom Algorithm
spread
0.3
impact
7.5
exploitability
8.5
remediation
7.7
relevance
3.8
threat
6.4
urgency
2.9
incentive
8.3

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.