CVE Catalog

CVE-2026-36772

MediumCVSS 6.5
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.02%

4th percentile - higher than 4% of all known CVEs

Summary

The Tenda W3 wireless router version 1.0.0.3(2204) contains a stack overflow vulnerability in the wl_radio parameter of the formwrlSSIDget function. This vulnerability allows attackers to cause a Denial of Service (DoS) via crafted input.

Risk Assessment

This vulnerability may lead to service unavailability, impacting the continuity of organizational operations. A DoS attack can disrupt normal network functioning.

Recommendation

It is recommended to update the router's firmware to the latest version to mitigate this vulnerability. Additionally, monitoring network traffic for potential attack attempts is advisable.

Original NVD description (English source)

Shenzhen Tenda Technology Co., Ltd Tenda W3 Wireless Router v1.0.0.3(2204) was discovered to contain a stack overflow in the wl_radio parameter of the formwrlSSIDget function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS