CVE-2026-36820
HighCVSS 7.5Exploitation Probability (EPSS)
Low risk49th percentile - higher than 49% of all known CVEs
Summary
A buffer overflow vulnerability was discovered in the webAuthWhiteUserInfo parameter of the formAddWebAuthWhiteUser function in Tenda W20E v15.11.0.6. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted HTTP request.
Risk Assessment
This vulnerability may lead to service unavailability, impacting the continuity of organizational operations. A DoS attack can disrupt the normal functioning of systems and services.
Recommendation
It is recommended to update the device to the latest firmware version to mitigate this vulnerability. Additionally, monitor network traffic for potential attack attempts.
Original NVD description (English source)
Shenzhen Tenda Technology Co., Ltd Tenda W20E v15.11.0.6 was discovered to contain a buffer overflow in the webAuthWhiteUserInfo parameter of the formAddWebAuthWhiteUser function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted HTTP request.

