Description
Shenzhen Tenda Technology Co., Ltd Tenda O3 Wireless Router v1.0.0.5(4180) was discovered to contain a stack overflow in the ip parameter of the fromNetToolGet function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a HTTP request.
Published: 2026-06-09
Score: n/a
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

A stack overflow was identified in the ip parameter of the fromNetToolGet function in the Tenda O3 Wireless Router firmware v1.0.0.5(4180). The flaw can be triggered by a crafted HTTP request, causing the router to crash and rendering the device unavailable. The impact is a loss of network connectivity for all users relying on the router, compromising availability but not confidentiality or integrity.

Affected Systems

The vulnerability affects the Shenzhen Tenda Technology Co., Ltd Tenda O3 Wireless Router running firmware version v1.0.0.5(4180). No other vendors or product versions are listed.

Risk and Exploitability

Attackers can remotely exploit the flaw by sending a malformed ip parameter to the router’s HTTP endpoint. The resulting stack overflow leads to a denial of service, which is considered a high severity issue. The EPSS score is not available and the vulnerability is not listed in the CISA KEV catalog, indicating no publicly documented exploits yet. However, the nature of the flaw suggests that remote exploitation is feasible if the router is exposed to untrusted networks.

Generated by OpenCVE AI on June 9, 2026 at 22:16 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Update the router firmware to the latest release that addresses the stack overflow flaw
  • Restrict external access to the router’s administrative interface or block traffic to the fromNetToolGet endpoint at the network perimeter
  • Monitor router logs for repeated attempts to access the vulnerable function and investigate any abnormal activity

Generated by OpenCVE AI on June 9, 2026 at 22:16 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Tue, 09 Jun 2026 22:45:00 +0000

Type Values Removed Values Added
Title Stack Overflow in Tenda O3 Router fromNetToolGet Leading to Denial of Service
Weaknesses CWE-119

Tue, 09 Jun 2026 18:45:00 +0000

Type Values Removed Values Added
Description Shenzhen Tenda Technology Co., Ltd Tenda O3 Wireless Router v1.0.0.5(4180) was discovered to contain a stack overflow in the ip parameter of the fromNetToolGet function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a HTTP request.
References

Subscriptions

No data.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published:

Updated: 2026-06-09T18:12:31.093Z

Reserved: 2026-04-06T00:00:00.000Z

Link: CVE-2026-36784

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Deferred

Published: 2026-06-09T19:17:44.440

Modified: 2026-06-09T19:35:05.693

Link: CVE-2026-36784

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-06-09T22:30:14Z

Weaknesses