A vulnerability classified as critical was found in Tenda F451 1.0.0.7/1.0.0.9 . The affected element is the function fromNatlimit of the file /goform/Natlimit of the component Web Management Interface . Executing a manipulation of the argument page can lead to stack-based buffer overflow. This vulnerability is handled as CVE-2026-11557 . The attack can be executed remotely. Additionally, an exploit exists.