📧 info@ciso.sa | 📱 +966550939344 | Riyadh, Kingdom of Saudi Arabia
About FAQ Contact Us Terms of Service Privacy Policy 🌐 العربية
🔐

Welcome — Sign in or create an account for full access.

🔑 Sign In ✨ Register
🌐 العربية Sign In Create Account
🔧 Scheduled Maintenance — Saturday 2:00-4:00 AM AST. Some features may be temporarily unavailable.    ●   
💎
Pro Plan 50% Off Unlock all AI features, unlimited reports, and priority support. Upgrade
Search Center
ESC to close
navigate open Ctrl+K search
CISO Consulting
Global phishing Financial Services, Technology, Multiple Sectors CRITICAL 7h Global insider Education HIGH 1d Global supply_chain Software Development and Technology HIGH 1d Global apt Government/Critical Infrastructure CRITICAL 1d Global vulnerability Enterprise Software / Data Analytics CRITICAL 1d Global vulnerability Artificial Intelligence and Technology HIGH 1d Global general Technology and Artificial Intelligence MEDIUM 1d Global general Technology and Artificial Intelligence HIGH 1d Global vulnerability Higher Education CRITICAL 2d Global data_breach Government HIGH 2d Global phishing Financial Services, Technology, Multiple Sectors CRITICAL 7h Global insider Education HIGH 1d Global supply_chain Software Development and Technology HIGH 1d Global apt Government/Critical Infrastructure CRITICAL 1d Global vulnerability Enterprise Software / Data Analytics CRITICAL 1d Global vulnerability Artificial Intelligence and Technology HIGH 1d Global general Technology and Artificial Intelligence MEDIUM 1d Global general Technology and Artificial Intelligence HIGH 1d Global vulnerability Higher Education CRITICAL 2d Global data_breach Government HIGH 2d Global phishing Financial Services, Technology, Multiple Sectors CRITICAL 7h Global insider Education HIGH 1d Global supply_chain Software Development and Technology HIGH 1d Global apt Government/Critical Infrastructure CRITICAL 1d Global vulnerability Enterprise Software / Data Analytics CRITICAL 1d Global vulnerability Artificial Intelligence and Technology HIGH 1d Global general Technology and Artificial Intelligence MEDIUM 1d Global general Technology and Artificial Intelligence HIGH 1d Global vulnerability Higher Education CRITICAL 2d Global data_breach Government HIGH 2d
Vulnerabilities

CVE-2026-5991

High
CWE-119 — Weakness Type
Published: Apr 10, 2026  ·  Modified: Apr 16, 2026  ·  Source: NVD
CVSS v3
8.8
🔗 NVD Official
📄 Description (English)

A vulnerability was found in Tenda F451 1.0.0.7. Affected by this issue is the function formWrlExtraSet of the file /goform/WrlExtraSet. The manipulation of the argument GO results in stack-based buffer overflow. The attack may be launched remotely. The exploit has been made public and could be used.

🤖 AI Executive Summary

A critical stack-based buffer overflow vulnerability exists in Tenda F451 wireless router firmware version 1.0.0.7, affecting the WrlExtraSet function. The vulnerability allows remote attackers to execute arbitrary code by manipulating the GO parameter, with no patch currently available. This poses significant risk to Saudi organizations relying on Tenda routers for network infrastructure.

📄 Description (Arabic)

🤖 AI Intelligence Analysis Analyzed: Apr 23, 2026 09:03
🇸🇦 Saudi Arabia Impact Assessment
High impact on Saudi telecommunications sector (STC, Mobily, Zain) and government agencies using Tenda routers for network infrastructure. Banking sector (SAMA-regulated institutions) at risk if routers used in branch networks or remote access infrastructure. Healthcare organizations and critical infrastructure operators using Tenda equipment for network connectivity face potential compromise. Small and medium enterprises (SMEs) across Saudi Arabia heavily rely on affordable Tenda routers, making them widespread targets. Energy sector (ARAMCO and related entities) potentially affected if Tenda routers deployed in operational technology networks.
🏢 Affected Saudi Sectors
Telecommunications (STC, Mobily, Zain) Banking and Financial Services Government and Public Administration Healthcare Energy and Utilities Small and Medium Enterprises Retail and E-commerce Education
⚖️ Saudi Risk Score (AI)
8.6
/ 10.0
🔧 Remediation Steps (English)
IMMEDIATE ACTIONS:

1. Identify all Tenda F451 devices running firmware 1.0.0.7 in your network using network scanning tools

2. Isolate affected routers from critical systems and segment network access

3. Implement network-level access controls to restrict access to router management interfaces (typically port 80/443)

4. Monitor for suspicious connections to affected devices



COMPENSATING CONTROLS (until patch available):

5. Disable remote management features on affected routers

6. Restrict administrative access to trusted IP addresses only

7. Implement Web Application Firewall (WAF) rules to block malicious GO parameter payloads

8. Deploy intrusion detection signatures for buffer overflow attempts

9. Consider replacing Tenda F451 devices with alternative vendors offering security patches



DETECTION RULES:

10. Monitor HTTP POST requests to /goform/WrlExtraSet with oversized GO parameters

11. Alert on any firmware version 1.0.0.7 devices attempting remote connections

12. Track failed authentication attempts on router management interfaces

13. Implement packet inspection for shellcode patterns in WrlExtraSet requests
🔧 خطوات المعالجة (العربية)
الإجراءات الفورية:

1. تحديد جميع أجهزة Tenda F451 التي تعمل بالإصدار 1.0.0.7 في شبكتك باستخدام أدوات فحص الشبكة

2. عزل الأجهزة المتأثرة عن الأنظمة الحرجة وتقسيم الوصول إلى الشبكة

3. تطبيق عناصر تحكم الوصول على مستوى الشبكة لتقييد الوصول إلى واجهات إدارة الموجه

4. مراقبة الاتصالات المريبة بالأجهزة المتأثرة



عناصر التحكم البديلة (حتى توفر التصحيح):

5. تعطيل ميزات الإدارة البعيدة على الأجهزة المتأثرة

6. تقييد الوصول الإداري إلى عناوين IP الموثوقة فقط

7. تطبيق قواعد جدار حماية تطبيقات الويب لحجب حمولات معامل GO الضارة

8. نشر توقيعات كشف الاختراق لمحاولات تجاوز المخزن المؤقت

9. النظر في استبدال أجهزة Tenda F451 بموردين بدائل يوفرون تصحيحات أمنية



قواعد الكشف:

10. مراقبة طلبات HTTP POST إلى /goform/WrlExtraSet مع معاملات GO كبيرة الحجم

11. التنبيه على أي أجهزة بالإصدار 1.0.0.7 تحاول الاتصالات البعيدة

12. تتبع محاولات المصادقة الفاشلة على واجهات إدارة الموجه

13. تطبيق فحص الحزم للبحث عن أنماط shellcode في طلبات WrlExtraSet
📋 Regulatory Compliance Mapping
🟢 NCA ECC 2024
ECC 2024 A.12.6.1 - Management of technical vulnerabilities ECC 2024 A.14.2.1 - Secure development policy ECC 2024 A.12.2.1 - Monitoring of system use ECC 2024 A.13.1.1 - Network security perimeter
🔵 SAMA CSF
ID.RA-1 - Asset management and vulnerability identification PR.DS-6 - Integrity checking mechanisms DE.CM-1 - Network monitoring RS.MI-1 - Incident response procedures
🟡 ISO 27001:2022
A.12.6.1 - Management of technical vulnerabilities A.14.2.1 - Secure development, acceptance and transition A.13.1.1 - Network security perimeter A.12.2.1 - Monitoring of system use
🟣 PCI DSS v4.0.1
Requirement 6.2 - Security patches and updates Requirement 11.2 - Vulnerability scanning Requirement 1.1 - Firewall configuration standards
📊 CVSS Score
8.8
/ 10.0 — High
📊 CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack VectorN — None / Network
Attack ComplexityL — Low / Local
Privileges RequiredL — Low / Local
User InteractionN — None / Network
ScopeU — Unchanged
ConfidentialityH — High
IntegrityH — High
AvailabilityH — High
📋 Quick Facts
Severity High
CVSS Score8.8
CWECWE-119
EPSS0.05%
Exploit No
Patch ✗ No
Published 2026-04-10
Source Feed nvd
Views 4
🇸🇦 Saudi Risk Score
8.6
/ 10.0 — Saudi Risk
Priority: CRITICAL
🏷️ Tags
CWE-119
⚡ Actions
🔗 NVD Official Page ⚡ Exploit-DB Search 🐙 GitHub PoC Search 🎯 MITRE ATT&CK 📊 CVE Details
Share this CVE
LinkedIn X / Twitter WhatsApp Telegram

💬 Comments

0
Loading comments
📣 Found this valuable?
Share it with your cybersecurity network
in LinkedIn 𝕏 X / Twitter 💬 WhatsApp ✈ Telegram
🍪 Privacy Preferences
CISO Consulting — Compliant with Saudi Personal Data Protection Law (PDPL)
We use cookies and similar technologies to provide the best experience on our platform. You can choose which types you accept.
🔒
Essential Always On
Required for the website to function properly. Cannot be disabled.
📋 Sessions, CSRF tokens, authentication, language preferences
📊
Analytics
Help us understand how visitors use the site and improve performance.
📋 Page views, session duration, traffic sources, performance metrics
⚙️
Functional
Enable enhanced features like content personalization and preferences.
📋 Dark/light theme, font size, custom dashboards, saved filters
📣
Marketing
Used to deliver content and ads relevant to your interests.
📋 Campaign tracking, retargeting, social media analytics
Privacy Policy →
CISO AI Assistant
Ask anything · Documents · Support
🔐

Introduce Yourself

Enter your details to access the full assistant

Your info is private and never shared
💬
CyberAssist
Online · responds in seconds
5 / 5
🔐 Verify Your Identity

Enter your email to receive a verification code before submitting a support request.

Enter to send · / for commands 0 / 2000
CISO AI · Powered by Anthropic Claude
✦ Quick Survey Help Us Improve CISO Consulting Your feedback shapes the future of our platform — takes less than 2 minutes.
⚠ Please answer this question to continue

How would you rate your overall experience with our platform?

Rate from 1 (poor) to 5 (excellent)

🎉
Thank you!
Your response has been recorded.