CVE-2026-36794
HighCVSS 7.5Exploitation Probability (EPSS)
Low risk49th percentile - higher than 49% of all known CVEs
Summary
Multiple stack overflows were discovered in the R7WebsSecurityHandler function in the Tenda W3 Wireless Router v1.0.0.3(2204), triggered by the username and password parameters. These vulnerabilities allow attackers to cause a Denial of Service (DoS) via a crafted HTTP request.
Risk Assessment
The organization may experience service interruptions, leading to disruptions in operations and loss of user trust.
Recommendation
It is recommended to update the router's firmware to the latest version to mitigate these vulnerabilities and to monitor network traffic for potential attacks.
Original NVD description (English source)
Shenzhen Tenda Technology Co., Ltd Tenda W3 Wireless Router v1.0.0.3(2204) was discovered to contain multiple stack overflows in the R7WebsSecurityHandler function via the username and password parameters. These vulnerabilities allow attackers to cause a Denial of Service (DoS) via a crafted HTTP request.

