A vulnerability was found in Tenda FH451 1.0.0.9. This impacts the function fromSetCfm of the file /goform/setcfm. The manipulation of the argument funcname/fun…

A stack-based buffer overflow vulnerability was discovered in Tenda FH451 router version 1.0.0.9. The vulnerability affects the fromSetCfm function in the /goform/setcfm file, where manipulation of the funcname/funcpara1 arguments leads to buffer overflow. The vulnerability can be exploited remotely and public exploits are available. This poses a high security risk as attackers can potentially execute arbitrary code or cause denial of service on affected devices. The vulnerability has been assigned CVE-2026-3677 and affects network infrastructure equipment widely used in home and small office environments.