PatchSiren cyber security CVE debrief
CVE-2026-36800 Shenzhen Tenda Technology Co., Ltd CVE debrief
A buffer overflow vulnerability was discovered in the IPMacBindIndex parameter of the formIPMacBindDel function in Tenda G0 v15.11.0.5. This HIGH severity vulnerability, with a CVSS score of 7.5, allows attackers to cause a Denial of Service (DoS) via a crafted HTTP request.
- Vendor
- Shenzhen Tenda Technology Co., Ltd
- Product
- G0
- CVSS
- HIGH 7.5
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-06-09
- Original CVE updated
- 2026-06-10
- Advisory published
- 2026-06-09
- Advisory updated
- 2026-06-10
Who should care
Administrators and users of Tenda G0 v15.11.0.5 are advised to take immediate action to mitigate this vulnerability.
Technical summary
The vulnerability is caused by a buffer overflow in the IPMacBindIndex parameter of the formIPMacBindDel function. This can be exploited by sending a crafted HTTP request to the affected device, potentially leading to a Denial of Service (DoS).
Defensive priority
HIGH
Recommended defensive actions
- Apply patches or updates provided by the vendor as soon as possible.
- Restrict access to the affected device to trusted users only.
- Monitor the device for suspicious activity.
Evidence notes
The CVE record for CVE-2026-36800 was published on [cve-org](https://www.cve.org/CVERecord?id=CVE-2026-36800). The vulnerability details were obtained from [nvd](https://nvd.nist.gov/vuln/detail/CVE-2026-36800). Additional information can be found at [ref-4](https://github.com/xhh0124/SemVulLLM/tree/main/G0/formIPMacBindDel).
Official resources
-
CVE-2026-36800 CVE record
CVE.org
-
CVE-2026-36800 NVD detail
NVD
-
Source item URL
nvd_modified
- Source reference
CVE-2026-36800 was published on 2026-06-09T19:17:45.630Z and modified on 2026-06-10T19:16:35.180Z.