PatchSiren cyber security CVE debrief
CVE-2026-36791 Shenzhen Tenda Technology Co., Ltd CVE debrief
A vulnerability was discovered in Shenzhen Tenda Technology Co., Ltd Tenda O3v3 v1.0.0.5. The stack overflow occurs in the save_list_data parameter of the formSetCfm function, allowing attackers to cause a Denial of Service (DoS) via a crafted HTTP request. This vulnerability has a CVSS score of 7.5 and a severity of HIGH.
- Vendor
- Shenzhen Tenda Technology Co., Ltd
- Product
- Tenda O3v3
- CVSS
- HIGH 7.5
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-06-09
- Original CVE updated
- 2026-06-10
- Advisory published
- 2026-06-09
- Advisory updated
- 2026-06-10
Who should care
Administrators and users of Shenzhen Tenda Technology Co., Ltd Tenda O3v3 v1.0.0.5 should be aware of this vulnerability and take necessary actions to mitigate it.
Technical summary
The vulnerability is caused by a stack overflow in the save_list_data parameter of the formSetCfm function. This can be exploited by sending a crafted HTTP request to the affected device, potentially leading to a Denial of Service (DoS).
Defensive priority
HIGH
Recommended defensive actions
- Apply patches or updates provided by the vendor to fix the vulnerability.
- Restrict access to the affected device to only trusted networks and users.
- Monitor network traffic and system logs for suspicious activity.
Evidence notes
The vulnerability was discovered and reported by an unknown source. The CVE record was published on 2026-06-09T19:17:44.570Z and last modified on 2026-06-10T18:16:45.237Z.
Official resources
-
CVE-2026-36791 CVE record
CVE.org
-
CVE-2026-36791 NVD detail
NVD
-
Source item URL
nvd_modified
- Source reference
This CVE debrief is based on information from official sources and is intended for informational purposes only. It does not constitute an endorsement or recommendation for any specific course of action.