{"description":"Trending threats, MITRE ATT\u0026CK coverage, and detection metadata — refreshed continuously.","feed_url":"https://feed.craftedsignal.io/products/4g300/","home_page_url":"https://feed.craftedsignal.io/","items":[{"_cs_actors":[],"_cs_cves":[{"cvss":8.8,"id":"CVE-2026-7470"}],"_cs_exploited":false,"_cs_products":["4G300"],"_cs_severities":["critical"],"_cs_tags":["buffer-overflow","tenda","router","cve-2026-7470"],"_cs_type":"advisory","_cs_vendors":["Tenda"],"content_html":"\u003cp\u003eA stack-based buffer overflow vulnerability has been identified in Tenda 4G300 routers, specifically version US_4G300V1.0Mt_V1.01.42_CN_TDC01. The vulnerability resides within the \u003ccode\u003esub_427C3C\u003c/code\u003e function located in the \u003ccode\u003e/goform/SafeMacFilter\u003c/code\u003e file. An attacker can exploit this flaw by manipulating the \u003ccode\u003epage\u003c/code\u003e argument in a crafted request, leading to a buffer overflow and potentially allowing for arbitrary code execution on the affected device. The vulnerability, identified as CVE-2026-7470, poses a significant risk as remote exploitation is possible, and a proof-of-concept exploit is publicly available, increasing the likelihood of malicious actors leveraging this vulnerability.\u003c/p\u003e\n\u003ch2 id=\"attack-chain\"\u003eAttack Chain\u003c/h2\u003e\n\u003col\u003e\n\u003cli\u003eThe attacker identifies a Tenda 4G300 router running the vulnerable firmware version US_4G300V1.0Mt_V1.01.42_CN_TDC01.\u003c/li\u003e\n\u003cli\u003eThe attacker crafts a malicious HTTP POST request targeting the \u003ccode\u003e/goform/SafeMacFilter\u003c/code\u003e endpoint.\u003c/li\u003e\n\u003cli\u003eThe crafted request includes the \u003ccode\u003epage\u003c/code\u003e argument with a payload exceeding the buffer size allocated for it within the \u003ccode\u003esub_427C3C\u003c/code\u003e function.\u003c/li\u003e\n\u003cli\u003eThe router processes the HTTP request, passing the oversized \u003ccode\u003epage\u003c/code\u003e argument to the vulnerable function.\u003c/li\u003e\n\u003cli\u003eThe \u003ccode\u003esub_427C3C\u003c/code\u003e function attempts to write the oversized data into a stack-based buffer, causing a buffer overflow.\u003c/li\u003e\n\u003cli\u003eThe buffer overflow overwrites adjacent memory on the stack, including the return address.\u003c/li\u003e\n\u003cli\u003eThe attacker redirects execution flow to a malicious code payload injected into the request or elsewhere in memory.\u003c/li\u003e\n\u003cli\u003eThe injected code executes with the privileges of the router process, potentially allowing the attacker to gain full control of the device.\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2 id=\"impact\"\u003eImpact\u003c/h2\u003e\n\u003cp\u003eSuccessful exploitation of this vulnerability can lead to complete compromise of the Tenda 4G300 router. An attacker could gain unauthorized access to the device\u0026rsquo;s configuration, intercept network traffic, or use the router as a launching point for further attacks against other devices on the network or the internet. Given the widespread use of these routers in homes and small businesses, a successful attack could impact a large number of users.\u003c/p\u003e\n\u003ch2 id=\"recommendation\"\u003eRecommendation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMonitor web server logs for unusual POST requests to \u003ccode\u003e/goform/SafeMacFilter\u003c/code\u003e with abnormally long \u003ccode\u003epage\u003c/code\u003e parameters. Use the provided Sigma rule to detect suspicious activity.\u003c/li\u003e\n\u003cli\u003eImplement rate limiting on the \u003ccode\u003e/goform/SafeMacFilter\u003c/code\u003e endpoint to mitigate potential brute-force exploitation attempts.\u003c/li\u003e\n\u003cli\u003eApply any available patches or firmware updates released by Tenda to address CVE-2026-7470.\u003c/li\u003e\n\u003cli\u003eDeploy the Sigma rules in this brief to your SIEM and tune for your environment.\u003c/li\u003e\n\u003c/ul\u003e\n","date_modified":"2026-04-30T03:16:01Z","date_published":"2026-04-30T03:16:01Z","id":"/briefs/2026-04-tenda-stack-overflow/","summary":"A remote stack-based buffer overflow vulnerability exists in the Tenda 4G300 router, version US_4G300V1.0Mt_V1.01.42_CN_TDC01, allowing an attacker to potentially execute arbitrary code by manipulating the 'page' argument to the sub_427C3C function in the /goform/SafeMacFilter file.","title":"Tenda 4G300 Stack-Based Buffer Overflow Vulnerability","url":"https://feed.craftedsignal.io/briefs/2026-04-tenda-stack-overflow/"}],"language":"en","title":"CraftedSignal Threat Feed — 4G300","version":"https://jsonfeed.org/version/1.1"}