CVE-2026-36802
Deferred - Pending Action
BaseFortify

Publication date: 2026-06-09

Last updated on: 2026-06-09

Assigner: MITRE

Description
Shenzhen Tenda Technology Co., Ltd Tenda PW201A v1.0.5 was discovered to contain a buffer overflow in the page parameter of the SafeMacFilter function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted HTTP request.
Meta Information
Published: 2026-06-09
Last Modified: 2026-06-09
Generated: 2026-06-10
AI Q&A: 2026-06-09
EPSS Evaluated: N/A
Affected Vendors & Products
Showing 2 associated CPEs

| Vendor | Product | Version / Range |
|---|---|---|
| shenzhen_tenda_technology_co_ltd | tenda_pw201a | 1.0.5 |
| tenda | pw201a | 1.0.5 |
CWE ID Description
CWE-UNKNOWN
Executive Summary

CVE-2026-36802 is a buffer overflow vulnerability found in the Tenda PW201A V1.0.5 router, specifically in the SafeMacFilter function within the TENDA_HTTPD file.

The vulnerability occurs because the function retrieves the "page" parameter from an HTTP request without proper bounds checking and then passes it to a sprintf call. If the "page" parameter is excessively long (for example, 888 or more characters), it causes a buffer overflow.

This flaw can be exploited by sending a specially crafted HTTP request directly to the vulnerable CGI endpoint, leading to potential denial of service.
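
The unbounded sprintf pattern described above, next to a validated and bounded form, as an added example that is not Tenda's firmware code and not from the original page. The buffer size, the format string and the assumption that "page" is a short numeric index are all hypothetical.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

#define URL_BUF 256        /* assumed size; the page does not give the real one */
#define PAGE_MAX_DIGITS 4  /* assumption: "page" is a small numeric page index */

/* The pattern the summary describes: request data formatted with no bound.
 * Any "page" longer than the space left in out writes past the buffer. */
void build_url_unsafe(char *out, const char *page)
{
    sprintf(out, "/example/list?page=%s", page);  /* hypothetical format string */
}

/* Hardened form: validate the parameter, then format with an explicit bound.
 * Returns 0 on success, -1 if the input is rejected or would not fit. */
int build_url_safe(char *out, size_t outlen, const char *page)
{
    size_t len;
    int n;

    if (out == NULL || outlen == 0 || page == NULL)
        return -1;
    out[0] = '\0';

    for (len = 0; page[len] != '\0'; len++) {
        if (len >= PAGE_MAX_DIGITS || !isdigit((unsigned char)page[len]))
            return -1;     /* too long or not a digit: stop reading early */
    }
    if (len == 0)
        return -1;

    n = snprintf(out, outlen, "/example/list?page=%s", page);
    if (n < 0 || (size_t)n >= outlen) {  /* encoding error or truncation */
        out[0] = '\0';
        return -1;
    }
    return 0;
}

int main(void)
{
    char out[URL_BUF], longpage[889];
    memset(longpage, 'a', 888);          /* constructed input: 888 'a' characters */
    longpage[888] = '\0';
    printf("page=2    -> %d\n", build_url_safe(out, sizeof out, "2"));
    printf("888 x 'a' -> %d\n", build_url_safe(out, sizeof out, longpage));
    return 0;
}
```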

Impact Analysis

This vulnerability can cause a denial of service (DoS) on the affected device.

By exploiting the buffer overflow, an attacker can cause the router process to crash or the device to become unstable, potentially disrupting network connectivity and services relying on the router.

Detection Guidance

This vulnerability can be detected by sending crafted HTTP requests to the vulnerable router's SafeMacFilter CGI endpoint and observing the response or device behavior.

Specifically, sending an HTTP request with an excessively long "page" parameter (e.g., 888 or more 'a' characters) to the endpoint associated with the SafeMacFilter function may trigger the buffer overflow.

An example command using curl to test this could be:

  • curl -v "http://[router_ip]/cgi-bin/SafeMacFilter?page=$(python3 -c 'print("a"*888)')"

If the device crashes, becomes unstable, or the process handling the request terminates, it indicates the presence of the vulnerability.
