CVE-2026-36815
Deferred Deferred - Pending Action
BaseFortify

Publication date: 2026-06-09

Last updated on: 2026-06-09

Assigner: MITRE

Description
Shenzhen Tenda Technology Co., Ltd Tenda W15E v15.11.0.10 was discovered to contain a buffer overflow in the hostname parameter of the formSetNetCheckTools function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted HTTP request.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-06-09
Last Modified
2026-06-09
Generated
2026-06-10
AI Q&A
2026-06-09
EPSS Evaluated
N/A
NVD
CVE-2026-36815
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
tenda w15e 15.11.0.10
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-UNKNOWN
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

CVE-2026-36815 is a buffer overflow vulnerability found in the Tenda W15E router, specifically in version V15.11.0.10. The issue exists in the formSetNetCheckTools function, which processes HTTP requests. When the router receives a crafted HTTP request containing a very long "hostname" parameter, it copies this parameter into a fixed-size buffer without proper bounds checking. This causes a buffer overflow, which can lead to the device crashing or becoming unstable.

Impact Analysis

This vulnerability can be exploited by an attacker to cause a Denial of Service (DoS) on the affected Tenda W15E router. By sending a specially crafted HTTP request with an excessively long hostname parameter, the attacker can trigger a buffer overflow that crashes the device or makes it unstable, disrupting network connectivity and availability.

Detection Guidance

This vulnerability can be detected by monitoring HTTP requests sent to the Tenda W15E router, specifically looking for unusually long "hostname" parameters in requests to the formSetNetCheckTools function.

An attacker exploits this by sending a crafted HTTP request with a "hostname" parameter of 888 or more characters, which causes a buffer overflow.

To detect potential exploitation attempts, you can capture and inspect HTTP traffic targeting the router's management interface and filter for requests containing the "hostname" parameter with excessive length.

  • Use a network packet capture tool like tcpdump or Wireshark to capture HTTP traffic on the router's IP and port.
  • Example tcpdump command to capture HTTP requests to the router (replace <router_ip> with the actual IP):
  • tcpdump -A -s 0 host <router_ip> and tcp port 80
  • After capturing, search for HTTP POST or GET requests containing the parameter "hostname" with a very long value (e.g., 888+ characters).
  • You can also use command-line tools like grep or specialized HTTP log analyzers to scan web server logs or captured traffic for suspiciously long "hostname" parameters.
Mitigation Strategies

To mitigate this vulnerability immediately, you should restrict access to the router's management interface to trusted networks or IP addresses only.

Avoid exposing the router's HTTP management interface to untrusted networks or the internet.

Monitor and block HTTP requests containing unusually long "hostname" parameters to prevent exploitation attempts.

If possible, update the router firmware to a version that addresses this buffer overflow vulnerability once a patch is released by the vendor.

As a temporary workaround, consider disabling or limiting the functionality related to the formSetNetCheckTools function if the router's configuration allows.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-36815. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart