CVE Catalog

CVE-2026-36777

MediumCVSS 6.5
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.06%

19th percentile - higher than 19% of all known CVEs

Summary

A stack overflow was discovered in the param_1 parameter of the formSetCfm function in the Tenda W3 Wireless Router v1.0.0.3(2204). This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted HTTP request.

Risk Assessment

The organization may experience service outages, leading to disruptions in operational activities.

Recommendation

It is recommended to update the router's firmware to the latest version to mitigate this vulnerability and to monitor network traffic for potential attacks.

Original NVD description (English source)

Shenzhen Tenda Technology Co., Ltd Tenda W3 Wireless Router v1.0.0.3(2204) was discovered to contain a stack overflow in the param_1 parameter of the formSetCfm function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted HTTP request.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS