Description
Shenzhen Tenda Technology Co., Ltd Tenda G0 v15.11.0.5 was discovered to contain a buffer overflow in the IPMacBindRule parameter of the formIPMacBindAdd function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted HTTP request.
Published: 2026-06-09
Score: n/a
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

A buffer overflow exists in the IPMacBindRule parameter of the formIPMacBindAdd function in Tenda G0 v15.11.0.5. The overflow can be triggered by a specially crafted HTTP request, causing the device to crash and stop processing requests. The primary impact is a service interruption of the affected device with no direct confidentiality or integrity compromise. The weakness corresponds to an uncontrolled buffer overrun (CWE-119).

Affected Systems

Device: Tenda G0 (firmware version 15.11.0.5) manufactured by Shenzhen Tenda Technology Co., Ltd. No other vendor or product versions are reported to be affected.

Risk and Exploitability

The vulnerability can be exploited remotely by sending a malformed HTTP request to the affected device. Exploitation does not require local access or elevated privileges. Although an EPSS score is unavailable and the vulnerability is not listed in CISA KEV, the nature of a remote DoS implies potential operational impact. The lack of patch availability in the public release underscores the need for immediate remediation.

Generated by OpenCVE AI on June 9, 2026 at 21:44 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Update the device firmware to the latest version that addresses the buffer overflow bug
  • If the IPMacBind feature is not needed, disable it through the device’s configuration panel
  • Apply firewall or ACL rules to limit inbound HTTP traffic only to trusted IP ranges
  • Monitor device logs for anomalous request patterns and respond promptly

Generated by OpenCVE AI on June 9, 2026 at 21:44 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Tue, 09 Jun 2026 22:00:00 +0000

Type Values Removed Values Added
Title Buffer Overflow in IPMacBindRule Leading to DoS
Weaknesses CWE-119

Tue, 09 Jun 2026 18:45:00 +0000

Type Values Removed Values Added
Description Shenzhen Tenda Technology Co., Ltd Tenda G0 v15.11.0.5 was discovered to contain a buffer overflow in the IPMacBindRule parameter of the formIPMacBindAdd function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted HTTP request.
References

Subscriptions

No data.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published:

Updated: 2026-06-09T18:12:29.203Z

Reserved: 2026-04-06T00:00:00.000Z

Link: CVE-2026-36801

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Deferred

Published: 2026-06-09T19:17:45.757

Modified: 2026-06-09T19:35:05.693

Link: CVE-2026-36801

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-06-09T21:45:05Z

Weaknesses