CVE Catalog

CVE-2026-36791

HighCVSS 7.5
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.25%

49th percentile - higher than 49% of all known CVEs

Summary

A stack overflow vulnerability was discovered in the save_list_data parameter of the formSetCfm function in Tenda O3v3 v1.0.0.5. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted HTTP request.

Risk Assessment

This vulnerability can lead to service unavailability, impacting the organization's operational continuity. A DoS attack may disrupt the normal functioning of the device and associated services.

Recommendation

It is recommended to update the device firmware to the latest version to mitigate this vulnerability. Additionally, monitoring network traffic for potential attack attempts is advised.

Original NVD description (English source)

Shenzhen Tenda Technology Co., Ltd Tenda O3v3 v1.0.0.5 was discovered to contain a stack overflow in the save_list_data parameter of the formSetCfm function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted HTTP request.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS