PatchSiren cyber security CVE debrief
CVE-2026-36801 Shenzhen Tenda Technology Co., Ltd CVE debrief
A buffer overflow vulnerability was discovered in the IPMacBindRule parameter of the formIPMacBindAdd function in Tenda G0 v15.11.0.5. This HIGH severity vulnerability, with a CVSS score of 7.5, allows attackers to cause a Denial of Service (DoS) via a crafted HTTP request.
- Vendor
- Shenzhen Tenda Technology Co., Ltd
- Product
- Tenda G0
- CVSS
- HIGH 7.5
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-06-09
- Original CVE updated
- 2026-06-10
- Advisory published
- 2026-06-09
- Advisory updated
- 2026-06-10
Who should care
Administrators and users of Tenda G0 v15.11.0.5 are advised to take immediate action to mitigate this vulnerability.
Technical summary
The vulnerability is caused by a buffer overflow in the IPMacBindRule parameter of the formIPMacBindAdd function. This can be exploited by sending a crafted HTTP request to the affected device, potentially leading to a Denial of Service (DoS).
Defensive priority
HIGH
Recommended defensive actions
- Apply patches or updates provided by the vendor as soon as possible.
- Restrict access to the affected device to trusted users only.
- Monitor the device for suspicious activity.
Evidence notes
The vulnerability was discovered and reported by an unknown source. The CVE record was published on [cve-org](https://www.cve.org/CVERecord?id=CVE-2026-36801).
Official resources
-
CVE-2026-36801 CVE record
CVE.org
-
CVE-2026-36801 NVD detail
NVD
-
Source item URL
nvd_modified
- Source reference
CVE-2026-36801 was published on 2026-06-09T19:17:45.757Z and modified on 2026-06-10T18:16:45.850Z.