CVE-2026-36779

Deferred Deferred - Pending Action

Stack Overflow in Tenda O3 Wireless Router

Publication date: 2026-06-09

Last updated on: 2026-06-10

Assigner: MITRE

Description

Shenzhen Tenda Technology Co., Ltd Tenda O3 Wireless Router v1.0.0.5(4180) was discovered to contain multiple stack overflows in the fromVirtualSer function via the puVar2, puVar1, __s2, __s1_00, and puVar3 parameters. These vulnerabilities allow attackers to cause a Denial of Service (DoS) via a crafted HTTP request.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published

2026-06-09

Last Modified

2026-06-10

Generated

2026-06-30

AI Q&A

2026-06-09

EPSS Evaluated

2026-06-28

NVD

CVE-2026-36779

Affected Vendors & Products

Vendor	Product	Version / Range
tenda	tenda_o3_wireless_router	1.0.0.5
tenda	o3	to 1.0.0.5 (inc)

Helpful Resources

Exploitability

CWE

KEV

CWE ID	Description
CWE-121	A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function).

Attack-Flow Graph

Executive Summary

The vulnerability exists in the Shenzhen Tenda Technology Co., Ltd Tenda O3 Wireless Router version 1.0.0.5(4180). It involves multiple stack overflow issues in the fromVirtualSer function, which can be triggered via specific parameters (puVar2, puVar1, __s2, __s1_00, and puVar3).

An attacker can exploit these stack overflows by sending a specially crafted HTTP request to the router.

This exploitation leads to a Denial of Service (DoS) condition, causing the router to crash or become unresponsive.

Impact Analysis

This vulnerability can impact you by causing a Denial of Service (DoS) on the affected Tenda O3 Wireless Router.

An attacker can send a crafted HTTP request that triggers stack overflows, leading the router to crash or stop functioning properly.

As a result, network connectivity and availability provided by the router could be disrupted, potentially affecting all devices relying on it for internet access.

Compliance Impact

The provided information does not specify any direct impact of the CVE-2026-36779 vulnerability on compliance with common standards and regulations such as GDPR or HIPAA.

Detection Guidance

This vulnerability can be detected by monitoring for crafted HTTP requests sent to the `fromVirtualSer` CGI endpoint of the Tenda O3 router firmware version 1.0.0.5. Specifically, detection involves identifying HTTP requests that include excessively long parameter values for `puVar2`, `puVar1`, `__s2`, `__s1_00`, and `puVar3`.

A practical approach is to capture and analyze HTTP traffic to the router and look for requests targeting the `fromVirtualSer` handler with unusually long parameter strings.

Example commands to detect such attempts might include using network packet capture and filtering tools like tcpdump or Wireshark, for instance:

tcpdump -i <interface> -A 'tcp port 80 and (((ip[2:2] - ((ip[0]&0xf)<<2)) - ((tcp[12]&0xf0)>>2)) != 0)' | grep 'fromVirtualSer'
Use a custom script or tool to parse HTTP requests and flag those with parameter lengths exceeding normal thresholds for `puVar2`, `puVar1`, `__s2`, `__s1_00`, and `puVar3`.

Mitigation Strategies

Immediate mitigation steps include restricting access to the vulnerable `fromVirtualSer` CGI endpoint by implementing network-level controls such as firewall rules to block unauthorized HTTP requests to the router.

Additionally, monitoring and filtering incoming HTTP requests to detect and block those with suspiciously long parameters targeting the vulnerable handler can reduce exploitation risk.

If available, updating the router firmware to a version that patches this stack overflow vulnerability is the most effective mitigation.

Hi! I’m here to help you understand CVE-2026-36779. Ask me anything about the vulnerability, its impact, or mitigation strategies.

0/70