CVE-2026-36799
Deferred Deferred - Pending Action

Buffer Overflow in Tenda G0 Router Firmware

Publication date: 2026-06-09

Last updated on: 2026-06-10

Assigner: MITRE

Description
Shenzhen Tenda Technology Co., Ltd Tenda G0 v15.11.0.5 was discovered to contain a buffer overflow in the portalAuth parameter of the formPortalAuth function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted HTTP request.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2026-06-09
Last Modified
2026-06-10
Generated
2026-06-30
AI Q&A
2026-06-10
EPSS Evaluated
2026-06-28
NVD
CVE-2026-36799

Affected Vendors & Products

Showing 2 associated CPEs
Vendor Product Version / Range
tenda tenda_g0 15.11.0.5
tenda g0 15.11.0.5

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-120 The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer.

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Compliance Impact

The provided information does not specify any direct impact of this vulnerability on compliance with common standards and regulations such as GDPR or HIPAA.

Executive Summary

CVE-2026-36799 is a buffer overflow vulnerability in the Tenda G0 router firmware version V15.11.0.5. It exists in the formPortalAuth function, which handles HTTP requests. The vulnerability occurs when an attacker sends a specially crafted HTTP request with an excessively long 'gotoUrl' parameter. This parameter is copied into a fixed-size buffer without proper length checking, causing a buffer overflow.

This overflow can lead to the process crashing or the device becoming unstable, resulting in a denial of service (DoS).

Impact Analysis

This vulnerability can be exploited by attackers to cause a denial of service on the affected Tenda G0 router. By sending a crafted HTTP request with a long 'gotoUrl' parameter, the attacker can crash the process or destabilize the device, potentially disrupting network connectivity and availability.

Detection Guidance

This vulnerability can be detected by monitoring HTTP requests sent to the Tenda G0 router's formPortalAuth CGI endpoint. Specifically, look for unusually long gotoUrl parameters in HTTP requests, such as those with 888 or more repeated characters.

A practical detection method is to capture network traffic and filter for HTTP requests targeting the formPortalAuth endpoint with long gotoUrl parameters.

  • Use tools like tcpdump or Wireshark to capture HTTP traffic to the router.
  • Example tcpdump command to capture HTTP requests to the router (replace <router_ip> with the router's IP):
  • tcpdump -A -s 0 host <router_ip> and tcp port 80
  • Then, search captured traffic for requests containing 'formPortalAuth' and check if the 'gotoUrl' parameter is excessively long.
Mitigation Strategies

To mitigate this vulnerability immediately, avoid exposing the Tenda G0 router's formPortalAuth CGI endpoint to untrusted networks.

Restrict access to the router's management interface to trusted IP addresses only.

If possible, apply any available firmware updates from Shenzhen Tenda Technology Co., Ltd that address this buffer overflow issue.

As a temporary measure, monitor and block HTTP requests with suspiciously long gotoUrl parameters targeting the formPortalAuth endpoint to prevent exploitation.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-36799. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart