CVE Catalog

CVE-2026-36770

HighCVSS 7.5
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.04%

12th percentile - higher than 12% of all known CVEs

Summary

A stack overflow was discovered in the Go parameter of the ask_to_reboot function in the Tenda US_W3V1.0BR v1.0.0.3 device. This vulnerability allows attackers to cause a Denial of Service (DoS) via crafted input.

Risk Assessment

The organization may experience service outages, leading to loss of user trust and potential financial losses.

Recommendation

It is recommended to update the device firmware to the latest version to mitigate this vulnerability and to monitor systems for unauthorized access attempts.

Original NVD description (English source)

Shenzhen Tenda Technology Co., Ltd Tenda US_W3V1.0BR v1.0.0.3 was discovered to contain a stack overflow in the Go parameter of the ask_to_reboot function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS