CVE-2026-36799
Deferred Deferred - Pending Action
BaseFortify

Publication date: 2026-06-09

Last updated on: 2026-06-09

Assigner: MITRE

Description
Shenzhen Tenda Technology Co., Ltd Tenda G0 v15.11.0.5 was discovered to contain a buffer overflow in the portalAuth parameter of the formPortalAuth function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted HTTP request.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-06-09
Last Modified
2026-06-09
Generated
2026-06-10
AI Q&A
2026-06-09
EPSS Evaluated
N/A
NVD
CVE-2026-36799
Affected Vendors & Products
Showing 2 associated CPEs
Vendor Product Version / Range
tenda tenda_g0 15.11.0.5
tenda g0 15.11.0.5
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-UNKNOWN
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

CVE-2026-36799 is a buffer overflow vulnerability in the Tenda G0 router firmware version V15.11.0.5. It exists in the formPortalAuth function, which handles HTTP requests. The vulnerability occurs when an attacker sends a specially crafted HTTP request with an excessively long 'gotoUrl' parameter. This parameter is copied into a fixed-size buffer without proper length checking, causing a buffer overflow.

This overflow can lead to the process crashing or the device becoming unstable, resulting in a denial of service (DoS).

Impact Analysis

This vulnerability can be exploited by attackers to cause a denial of service on the affected Tenda G0 router. By sending a crafted HTTP request with a long 'gotoUrl' parameter, the attacker can crash the process or destabilize the device, potentially disrupting network connectivity and availability.

Detection Guidance

This vulnerability can be detected by monitoring HTTP requests sent to the Tenda G0 router's formPortalAuth CGI endpoint. Specifically, look for unusually long gotoUrl parameters in HTTP requests, such as those with 888 or more repeated characters.

A practical detection method is to capture network traffic and filter for HTTP requests targeting the formPortalAuth endpoint with long gotoUrl parameters.

  • Use tools like tcpdump or Wireshark to capture HTTP traffic to the router.
  • Example tcpdump command to capture HTTP requests to the router (replace <router_ip> with the router's IP):
  • tcpdump -A -s 0 host <router_ip> and tcp port 80
  • Then, search captured traffic for requests containing 'formPortalAuth' and check if the 'gotoUrl' parameter is excessively long.
Mitigation Strategies

To mitigate this vulnerability immediately, avoid exposing the Tenda G0 router's formPortalAuth CGI endpoint to untrusted networks.

Restrict access to the router's management interface to trusted IP addresses only.

If possible, apply any available firmware updates from Shenzhen Tenda Technology Co., Ltd that address this buffer overflow issue.

As a temporary measure, monitor and block HTTP requests with suspiciously long gotoUrl parameters targeting the formPortalAuth endpoint to prevent exploitation.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-36799. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart