CVE Catalog

CVE-2026-36793

HighCVSS 7.5
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.25%

49th percentile - higher than 49% of all known CVEs

Summary

The Tenda W3 wireless router version 1.0.0.3(2204) contains multiple stack overflows in the formwrlSSIDset function triggered by the mit_ssid and mis_ssid_index parameters. These vulnerabilities allow attackers to cause a Denial of Service (DoS) via a crafted HTTP request.

Risk Assessment

The organization may experience service outages, leading to disruptions in operations and potential loss of customer trust.

Recommendation

It is recommended to update the router's firmware to the latest version to mitigate these vulnerabilities and to monitor network traffic for potential attacks.

Original NVD description (English source)

Shenzhen Tenda Technology Co., Ltd Tenda W3 Wireless Router v1.0.0.3(2204) was discovered to contain multiple stack overflows in the formwrlSSIDset function via the mit_ssid and mis_ssid_index parameters. These vulnerabilities allow attackers to cause a Denial of Service (DoS) via a crafted HTTP request.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS