PatchSiren cyber security CVE debrief
CVE-2026-36793 Shenzhen Tenda Technology Co., Ltd CVE debrief
A vulnerability was discovered in Shenzhen Tenda Technology Co., Ltd Tenda W3 Wireless Router v1.0.0.3(2204). The formwrlSSIDset function contains multiple stack overflows via the mit_ssid and mis_ssid_index parameters. These vulnerabilities allow attackers to cause a Denial of Service (DoS) via a crafted HTTP request.
- Vendor
- Shenzhen Tenda Technology Co., Ltd
- Product
- Tenda W3 Wireless Router
- CVSS
- HIGH 7.5
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-06-09
- Original CVE updated
- 2026-06-10
- Advisory published
- 2026-06-09
- Advisory updated
- 2026-06-10
Who should care
Users of Shenzhen Tenda Technology Co., Ltd Tenda W3 Wireless Router v1.0.0.3(2204) should be aware of this vulnerability and take necessary precautions.
Technical summary
The vulnerability has a CVSS score of 7.5 and a HIGH severity. The CVSS vector is CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H.
Defensive priority
HIGH
Recommended defensive actions
- Apply patches or updates provided by the vendor to fix the vulnerability.
- Limit access to the affected system to trusted users only.
- Monitor network traffic for suspicious activity.
Evidence notes
The vulnerability was reported via [ref-4](https://github.com/xhh0124/SemVulLLM/tree/main/W3/FUN_00442b44).
Official resources
-
CVE-2026-36793 CVE record
CVE.org
-
CVE-2026-36793 NVD detail
NVD
-
Source item URL
nvd_modified
- Source reference
CVE-2026-36793 was published on [cvePublishedAt](https://www.cve.org/CVERecord?id=CVE-2026-36793) and last modified on [cveModifiedAt](https://nvd.nist.gov/vuln/detail/CVE-2026-36793).