PatchSiren cyber security CVE debrief
CVE-2026-36784 Shenzhen Tenda Technology Co., Ltd CVE debrief
A stack overflow vulnerability was discovered in Shenzhen Tenda Technology Co., Ltd Tenda O3 Wireless Router v1.0.0.5(4180). The vulnerability exists in the ip parameter of the fromNetToolGet function, which allows attackers to cause a Denial of Service (DoS) via a HTTP request. The vulnerability has a CVSS score of 7.5 and is classified as HIGH severity.
- Vendor
- Shenzhen Tenda Technology Co., Ltd
- Product
- Tenda O3 Wireless Router
- CVSS
- HIGH 7.5
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-06-09
- Original CVE updated
- 2026-06-10
- Advisory published
- 2026-06-09
- Advisory updated
- 2026-06-10
Who should care
Users of Shenzhen Tenda Technology Co., Ltd Tenda O3 Wireless Router v1.0.0.5(4180) should be aware of this vulnerability and take necessary actions to mitigate the risk.
Technical summary
The vulnerability is caused by a stack overflow in the ip parameter of the fromNetToolGet function. This allows attackers to cause a Denial of Service (DoS) via a HTTP request.
Defensive priority
HIGH
Recommended defensive actions
- Update to a patched version of the Tenda O3 Wireless Router if available.
- Limit access to the router's management interface to trusted IP addresses.
- Monitor router logs for suspicious activity.
Evidence notes
The vulnerability was discovered and reported by an unknown source. The CVE record was published on [cve-org](https://www.cve.org/CVERecord?id=CVE-2026-36784).
Official resources
-
CVE-2026-36784 CVE record
CVE.org
-
CVE-2026-36784 NVD detail
NVD
-
Source item URL
nvd_modified
- Source reference
CVE-2026-36784 was published on 2026-06-09T19:17:44.440Z and modified on 2026-06-10T19:16:34.850Z.