CVE Catalog

CVE-2026-36806

HighCVSS 7.5
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.01%

2th percentile - higher than 2% of all known CVEs

Summary

A buffer overflow was discovered in the webAuthUserPwd parameter of the formModifyWebAuthUser function in Tenda W15E v15.11.0.10. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted HTTP request.

Risk Assessment

This vulnerability may lead to service disruption, impacting organizational operations and user trust.

Recommendation

It is recommended to update the device to the latest firmware version to mitigate this vulnerability and to monitor logs for potential attack attempts.

Original NVD description (English source)

Shenzhen Tenda Technology Co., Ltd Tenda W15E v15.11.0.10 was discovered to contain a buffer overflow in the webAuthUserPwd parameter of the formModifyWebAuthUser function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted HTTP request.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS