CVE-2026-36777
Deferred Deferred - Pending Action
Stack Overflow in Tenda W3 Wireless Router

Publication date: 2026-06-09

Last updated on: 2026-06-09

Assigner: MITRE

Description
Shenzhen Tenda Technology Co., Ltd Tenda W3 Wireless Router v1.0.0.3(2204) was discovered to contain a stack overflow in the param_1 parameter of the formSetCfm function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted HTTP request.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-06-09
Last Modified
2026-06-09
Generated
2026-06-10
AI Q&A
2026-06-09
EPSS Evaluated
N/A
NVD
CVE-2026-36777
Affected Vendors & Products
Showing 2 associated CPEs
Vendor Product Version / Range
shenzhen_tenda_technology_co_ltd tenda_w3_wireless_router 1.0.0.3
tenda w3 to 1.0.0.3 (inc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-UNKNOWN
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

CVE-2026-36777 is a stack-based buffer overflow vulnerability found in the Tenda W3 Wireless Router firmware version 1.0.0.3(2204). It occurs in the formSetCfm function, specifically when handling user-supplied parameters without proper length validation. An attacker can send a specially crafted HTTP request to the formSetCfm endpoint with an overly long parameter, causing the router to overflow its buffer. This can lead to a denial of service or potentially allow arbitrary code execution.

Impact Analysis

This vulnerability can impact you by allowing an attacker to cause a denial of service (DoS) on your Tenda W3 Wireless Router, making the device unavailable or unresponsive. Additionally, because the buffer overflow may allow arbitrary code execution, an attacker might gain control over the router, potentially compromising your network security.

Detection Guidance

This vulnerability can be detected by monitoring for HTTP requests sent to the formSetCfm CGI endpoint of the Tenda W3 Wireless Router firmware version 1.0.0.3(2204). Specifically, detection involves identifying unusually long or crafted funcpara1 parameters in requests where funcname equals save_list_data.

A practical approach is to capture network traffic and filter HTTP requests targeting the formSetCfm endpoint, then inspect the length and content of the funcpara1 parameter.

Example commands to detect such attempts might include:

  • Using tcpdump to capture HTTP traffic to the router's IP on port 80: tcpdump -A -s 0 'host <router_ip> and tcp port 80'
  • Using grep or similar tools on captured traffic to find requests containing 'formSetCfm' and 'funcname=save_list_data'.
  • Using a web proxy or intrusion detection system (IDS) with custom rules to alert on HTTP requests with overly long funcpara1 parameters to formSetCfm.
Mitigation Strategies

Immediate mitigation steps include restricting access to the vulnerable formSetCfm endpoint on the Tenda W3 Wireless Router to trusted users only, such as by implementing firewall rules or network segmentation.

Additionally, monitoring and blocking suspicious HTTP requests with unusually long funcpara1 parameters targeting the formSetCfm endpoint can help prevent exploitation.

If possible, update the router firmware to a version that patches this stack overflow vulnerability once it becomes available from the vendor.

Compliance Impact

The provided information does not specify any direct impact of the CVE-2026-36777 vulnerability on compliance with common standards and regulations such as GDPR or HIPAA.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-36777. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart