Description
Shenzhen Tenda Technology Co., Ltd Tenda G0 v15.11.0.5 was discovered to contain multiple stack overflows in the formSetDebugCfgr function via the enable, level, and module parameters. These vulnerabilities allow attackers to cause a Denial of Service (DoS) via a crafted HTTP request.
Published: 2026-06-09
Score: n/a
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

Multiple stack overflows were discovered in the formSetDebugCfgr function of Shenzhen Tenda Technology Co., Ltd Tenda G0. The overflow can be triggered by manipulating the enable, level, and module parameters in an HTTP request. The vulnerability can cause the device to become unresponsive, effectively creating a denial of service condition.

Affected Systems

The affected product is Shenzhen Tenda Technology Co., Ltd Tenda G0, firmware version 15.11.0.5. No additional versions were listed in the advisory.

Risk and Exploitability

The EPSS score is not available and the flaw is not listed in the CISA KEV catalog. The flaw is a stack-based buffer overflow that can be exploited by an attacker sending a crafted HTTP request to the affected device over the network. Because the vulnerability is triggered by external traffic, any device exposed to the internet or an untrusted internal network is at risk. The severity is likely high due to the potential for service disruption, though a CVSS score was not provided.

Generated by OpenCVE AI on June 9, 2026 at 21:45 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade to a firmware version that fixes the formSetDebugCfgr stack overflow.
  • Disable or remove the vulnerable debug configuration parameters through the device’s administrative interface or configuration files if a newer firmware is unavailable.
  • Apply network-layer protection such as rate limiting or blocking requests to the affected HTTP endpoint to mitigate potential denial of service attacks.

Generated by OpenCVE AI on June 9, 2026 at 21:45 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Tue, 09 Jun 2026 22:15:00 +0000

Type Values Removed Values Added
Title Multiple Stack Overflow Vulnerabilities in Tenda G0 formSetDebugCfgr Leading to DoS
Weaknesses CWE-120

Tue, 09 Jun 2026 18:45:00 +0000

Type Values Removed Values Added
Description Shenzhen Tenda Technology Co., Ltd Tenda G0 v15.11.0.5 was discovered to contain multiple stack overflows in the formSetDebugCfgr function via the enable, level, and module parameters. These vulnerabilities allow attackers to cause a Denial of Service (DoS) via a crafted HTTP request.
References

Subscriptions

No data.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published:

Updated: 2026-06-09T18:12:36.851Z

Reserved: 2026-04-06T00:00:00.000Z

Link: CVE-2026-36798

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Deferred

Published: 2026-06-09T19:17:45.313

Modified: 2026-06-09T19:35:05.693

Link: CVE-2026-36798

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-06-09T22:00:19Z

Weaknesses