CVE-2026-36789
Deferred Deferred - Pending Action

Stack Overflow in Tenda AC1206 Router Firmware

Publication date: 2026-06-08

Last updated on: 2026-06-08

Assigner: MITRE

Description
Shenzhen Tenda Technology Co., Ltd Tenda AC1206 v15.03.06.23 was discovered to contain multiple stack overflows in the fromGstDhcpSetSer function via the username and password parameters. These vulnerabilities allow attackers to cause a Denial of Service (DoS) via a crafted HTTP request.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2026-06-08
Last Modified
2026-06-08
Generated
2026-06-29
AI Q&A
2026-06-08
EPSS Evaluated
2026-06-27
NVD
CVE-2026-36789
EUVD
EUVD-2026-35076

Affected Vendors & Products

Showing 1 associated CPE
Vendor Product Version / Range
tenda ac1206 15.03.06.23

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-121 A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function).

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Compliance Impact

The provided information does not specify any direct impact of the CVE-2026-36789 vulnerability on compliance with common standards and regulations such as GDPR or HIPAA.

Executive Summary

CVE-2026-36789 is a stack-based buffer overflow vulnerability in the Tenda AC1206 router's firmware version 15.03.06.23. It occurs in the fromGstDhcpSetSer CGI handler, which processes the username and password parameters without proper length validation or sanitization.

An attacker can exploit this vulnerability by sending a specially crafted HTTP request containing a long string (188 or more characters) without any period ('.') to the fromGstDhcpSetSer endpoint. This causes a buffer overflow in the router's memory.

The overflow can lead to a denial of service (DoS) by crashing or rebooting the device, and potentially could allow remote code execution.

Impact Analysis

This vulnerability can impact you by causing a denial of service (DoS) on your Tenda AC1206 router, making it crash or reboot unexpectedly.

In a worst-case scenario, it could allow an attacker to execute arbitrary code remotely, potentially compromising the security and functionality of your network device.

Detection Guidance

This vulnerability can be detected by monitoring HTTP requests sent to the Tenda AC1206 router's fromGstDhcpSetSer CGI endpoint. Specifically, look for requests containing unusually long username or password parameters (188 or more characters) without any period ('.') character.

A practical detection method is to capture and analyze network traffic to identify such crafted HTTP requests that may trigger the stack overflow.

For example, using command-line tools like tcpdump or tshark to filter HTTP requests to the vulnerable endpoint and check parameter lengths can help detect exploitation attempts.

  • tcpdump -i <interface> -A -s 0 'tcp port 80 and (((ip[2:2] - ((ip[0]&0xf)<<2)) - ((tcp[12]&0xf0)>>2)) != 0)' | grep 'fromGstDhcpSetSer'
  • Use a script or manual inspection to identify username or password parameters with length >= 188 characters and no '.' character.
Mitigation Strategies

Immediate mitigation steps include restricting access to the vulnerable fromGstDhcpSetSer CGI endpoint by implementing network-level controls such as firewall rules to block unauthorized HTTP requests to the router.

Additionally, monitor and filter incoming HTTP requests to detect and block those with suspiciously long username or password parameters.

If possible, update the router firmware to a version that patches this vulnerability once it becomes available from the vendor.

Until a patch is available, consider isolating the device from untrusted networks to reduce exposure.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-36789. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart