CVE Catalog

CVE-2026-36819

HighCVSS 7.5
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.25%

49th percentile - higher than 49% of all known CVEs

Summary

A buffer overflow was discovered in the bindMACAddr parameter of the fromSetDhcpRules function in Tenda W20E version 15.11.0.6. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted HTTP request.

Risk Assessment

The organization may experience service outages, leading to disruptions in operational activities.

Recommendation

It is recommended to update the device firmware to the latest version to mitigate this vulnerability and to monitor network traffic for potential attacks.

Original NVD description (English source)

Shenzhen Tenda Technology Co., Ltd Tenda W20E v15.11.0.6 was discovered to contain a buffer overflow in the bindMACAddr parameter of the fromSetDhcpRules function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted HTTP request.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS