Description
Shenzhen Tenda Technology Co., Ltd Tenda G0 v15.11.0.5 was discovered to contain a buffer overflow in the IPMacBindIndex parameter of the formIPMacBindDel function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted HTTP request.
Published: 2026-06-09
Score: n/a
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

A buffer overflow vulnerability resides in the IPMacBindIndex parameter of the formIPMacBindDel function in Shenzhen Tenda Technology Co., Ltd Tenda G0 firmware version 15.11.0.5. An attacker can exploit this by sending a specifically crafted HTTP request, which causes the device to crash and become unavailable, leading to a denial of service condition for legitimate users. The primary weakness is an unchecked buffer boundary that can be overflowed, a classic buffer overflow flaw.

Affected Systems

The affected product is the Tenda G0 router, firmware 15.11.0.5, sold by Shenzhen Tenda Technology Co., Ltd. No other vendor or product versions are listed as impacted.

Risk and Exploitability

The documented score for EPSS is unavailable and the vulnerability is not listed in the CISA KEV catalog, so the public exploit probability is not quantified. However, the flaw can be triggered via the web administration interface, therefore the attack vector is remote over HTTP. Since the flaw causes a crash rather than code execution, the difficulty of exploitation is low: a simple HTTP POST or GET request with malicious data is sufficient. The impact is loss of availability of the router or any services that depend on it.

Generated by OpenCVE AI on June 9, 2026 at 21:44 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Check the Tenda support website for a firmware update that fixes the buffer overflow in the formIPMacBindDel function. If a patch is available, install the updated firmware as soon as possible.
  • If no patch exists, restrict access to the router’s web administration interface by placing it in a separate network segment or applying firewall rules to limit connections to trusted IP addresses only.
  • Actively monitor the device logs for abnormal termination events or repeated crashes, and consider implementing redundancy or failover mechanisms to maintain service availability during an exploit.

Generated by OpenCVE AI on June 9, 2026 at 21:44 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Tue, 09 Jun 2026 22:00:00 +0000

Type Values Removed Values Added
Title Buffer Overflow in Tenda G0 IPMacBindDel Leading to DoS
Weaknesses CWE-119

Tue, 09 Jun 2026 18:45:00 +0000

Type Values Removed Values Added
Description Shenzhen Tenda Technology Co., Ltd Tenda G0 v15.11.0.5 was discovered to contain a buffer overflow in the IPMacBindIndex parameter of the formIPMacBindDel function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted HTTP request.
References

Subscriptions

No data.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published:

Updated: 2026-06-09T18:12:37.252Z

Reserved: 2026-04-06T00:00:00.000Z

Link: CVE-2026-36800

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Deferred

Published: 2026-06-09T19:17:45.630

Modified: 2026-06-09T19:35:05.693

Link: CVE-2026-36800

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-06-09T21:45:05Z

Weaknesses