CVE Catalog

CVE-2026-36794

HighCVSS 7.5
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.25%

49th percentile - higher than 49% of all known CVEs

Summary

Multiple stack overflows were discovered in the R7WebsSecurityHandler function in the Tenda W3 Wireless Router v1.0.0.3(2204), triggered by the username and password parameters. These vulnerabilities allow attackers to cause a Denial of Service (DoS) via a crafted HTTP request.

Risk Assessment

The organization may experience service interruptions, leading to disruptions in operations and loss of user trust.

Recommendation

It is recommended to update the router's firmware to the latest version to mitigate these vulnerabilities and to monitor network traffic for potential attacks.

Original NVD description (English source)

Shenzhen Tenda Technology Co., Ltd Tenda W3 Wireless Router v1.0.0.3(2204) was discovered to contain multiple stack overflows in the R7WebsSecurityHandler function via the username and password parameters. These vulnerabilities allow attackers to cause a Denial of Service (DoS) via a crafted HTTP request.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS