CVE Catalog

CVE-2026-36779

HighCVSS 7.5
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.25%

49th percentile - higher than 49% of all known CVEs

Summary

The Tenda O3 Wireless Router v1.0.0.5(4180) contains multiple stack overflows in the fromVirtualSer function, which can lead to Denial of Service (DoS) attacks via crafted HTTP requests.

Risk Assessment

Exploitation of these vulnerabilities may result in service unavailability, impacting organizational continuity and potentially leading to loss of user trust.

Recommendation

It is recommended to update the router's firmware to the latest version to mitigate these vulnerabilities and to monitor network traffic for potential attacks.

Original NVD description (English source)

Shenzhen Tenda Technology Co., Ltd Tenda O3 Wireless Router v1.0.0.5(4180) was discovered to contain multiple stack overflows in the fromVirtualSer function via the puVar2, puVar1, __s2, __s1_00, and puVar3 parameters. These vulnerabilities allow attackers to cause a Denial of Service (DoS) via a crafted HTTP request.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS