CVE-2026-36813
HighCVSS 7.5Exploitation Probability (EPSS)
Low risk2th percentile - higher than 2% of all known CVEs
Summary
A buffer overflow vulnerability was discovered in the picCropName parameter of the formCropAndSetWewifiPic function in Tenda W15E v15.11.0.10. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted HTTP request.
Risk Assessment
This vulnerability may lead to service unavailability, impacting organizational operations and user trust.
Recommendation
It is recommended to update the device firmware to the latest version to mitigate this vulnerability and to monitor network traffic for potential attack attempts.
Original NVD description (English source)
Shenzhen Tenda Technology Co., Ltd Tenda W15E v15.11.0.10 was discovered to contain a buffer overflow in the picCropName parameter of the formCropAndSetWewifiPic function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted HTTP request.

