CVE Catalog

CVE-2026-36786

HighCVSS 7.5
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Elevated risk
0.80%

74th percentile - higher than 74% of all known CVEs

Summary

A stack overflow was discovered in the list1 parameter of the fromDhcpListClient function in the Tenda FH451 V1.0.0.9 device. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted HTTP request.

Risk Assessment

This vulnerability may lead to device unavailability, impacting network continuity. A DoS attack can disrupt services provided by the device.

Recommendation

It is recommended to update the device firmware to the latest version to mitigate this vulnerability. Additionally, monitor HTTP traffic for potential attack detection.

Original NVD description (English source)

Shenzhen Tenda Technology Co., Ltd Tenda FH451 V1.0.0.9 was discovered to contain a stack overflow in the list1 parameter of the fromDhcpListClient function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted HTTP request.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS