CVE-2026-36800
Deferred Deferred - Pending Action

Buffer Overflow in Tenda G0 Router Firmware

Publication date: 2026-06-09

Last updated on: 2026-06-10

Assigner: MITRE

Description
Shenzhen Tenda Technology Co., Ltd Tenda G0 v15.11.0.5 was discovered to contain a buffer overflow in the IPMacBindIndex parameter of the formIPMacBindDel function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted HTTP request.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2026-06-09
Last Modified
2026-06-10
Generated
2026-06-30
AI Q&A
2026-06-09
EPSS Evaluated
2026-06-28
NVD
CVE-2026-36800

Affected Vendors & Products

Showing 2 associated CPEs
Vendor Product Version / Range
tenda tenda_g0 15.11.0.5
tenda g0 to 15.11.0.5 (inc)

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-120 The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer.

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

CVE-2026-36800 is a buffer overflow vulnerability found in the Tenda G0 router firmware, specifically in the formIPMacBindDel function.

This function processes HTTP requests and uses the IPMacBindIndex parameter from user input without proper bounds checking during a strcpy operation.

An attacker can exploit this by sending a crafted HTTP request with an excessively long IPMacBindIndex parameter (for example, 888 or more characters), which causes a buffer overflow.

Impact Analysis

Exploiting this vulnerability can cause a Denial of Service (DoS) condition on the affected device.

This may lead to process crashes or instability of the Tenda G0 router, potentially disrupting network connectivity and device availability.

Detection Guidance

This vulnerability can be detected by monitoring for unusually long HTTP requests targeting the formIPMacBindDel function, specifically those containing the IPMacBindIndex parameter with an excessively long value (e.g., 888 or more characters).

A practical detection method is to capture HTTP traffic to the Tenda G0 router and filter requests that include the IPMacBindIndex parameter with a length exceeding normal bounds.

  • Use a network packet capture tool like tcpdump or Wireshark to capture HTTP requests to the router.
  • Example tcpdump command to capture HTTP traffic to the router's IP (replace <router_ip>): tcpdump -A -s 0 host <router_ip> and tcp port 80
  • Use grep or similar tools to search captured traffic for 'IPMacBindIndex=' parameters with long values, for example: grep -Eo 'IPMacBindIndex=[^&]{888,}' capturefile
Mitigation Strategies

Immediate mitigation steps include restricting access to the router's HTTP management interface to trusted networks or IP addresses to prevent attackers from sending crafted requests.

Additionally, monitoring and blocking HTTP requests with abnormally long IPMacBindIndex parameters can help prevent exploitation.

If available, update the router firmware to a version that patches this buffer overflow vulnerability.

Compliance Impact

The provided information does not include any details on how the CVE-2026-36800 vulnerability affects compliance with common standards and regulations such as GDPR or HIPAA.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-36800. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart