CVE Catalog

CVE-2026-36815

HighCVSS 7.5
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.25%

49th percentile - higher than 49% of all known CVEs

Summary

A buffer overflow vulnerability was discovered in the hostname parameter of the formSetNetCheckTools function in Tenda W15E version 15.11.0.10. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted HTTP request.

Risk Assessment

This vulnerability can lead to service unavailability, impacting the organization's operational continuity. Attackers can remotely disrupt the device's functionality, potentially causing network access interruptions.

Recommendation

It is recommended to update the device firmware to the latest version to mitigate this vulnerability. Additionally, monitoring HTTP traffic for potential attack attempts is advisable.

Original NVD description (English source)

Shenzhen Tenda Technology Co., Ltd Tenda W15E v15.11.0.10 was discovered to contain a buffer overflow in the hostname parameter of the formSetNetCheckTools function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted HTTP request.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS