Description
Shenzhen Tenda Technology Co., Ltd Tenda PW201A v1.0.5 was discovered to contain a buffer overflow in the page parameter of the SafeMacFilter function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted HTTP request.
Published: 2026-06-09
Score: n/a
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The vulnerable software is Shenzhen Tenda Technology’s router firmware, Tenda PW201A version 1.0.5. A buffer overflow exists in the SafeMacFilter function's page parameter, which can be triggered by a crafted HTTP request. The overflow corrupts memory and causes the device to crash, resulting in a denial of service for any user on that network. No information indicates a possibility of remote code execution or privilege escalation; the impact is limited to availability only.

Affected Systems

Shenzhen Tenda Technology’s router product, Tenda PW201A, firmware version 1.0.5 is affected. No additional versions or variants are listed.

Risk and Exploitability

The published EPSS score is not available and the vulnerability is not listed in the CISA KEV catalog, suggesting a lower probability of widespread exploitation but a high potential impact if an attacker can deliver a malicious HTTP request to the device. The primary attack vector is remote over HTTP; an attacker must be able to communicate with the router, either locally or over the internet if the device is exposed. Given the nature of buffer overflows, a successful exploit would lead to a crash of the SafeMacFilter process, rendering the device unavailable until a reboot or firmware reset occurs.

Generated by OpenCVE AI on June 9, 2026 at 22:15 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Update the firmware to the latest version released by Shenzhen Tenda Technology, which addresses the known vulnerability.
  • If no new firmware is available, isolate the device from untrusted networks and monitor for repeated crashes as a mitigation.
  • Consider disabling the SafeMacFilter feature if it can be turned off by the device configuration, reducing the attack surface.

Generated by OpenCVE AI on June 9, 2026 at 22:15 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Tue, 09 Jun 2026 22:45:00 +0000

Type Values Removed Values Added
Title Buffer Overflow in SafeMacFilter Triggers DoS in Tenda PW201A
Weaknesses CWE-119

Tue, 09 Jun 2026 18:45:00 +0000

Type Values Removed Values Added
Description Shenzhen Tenda Technology Co., Ltd Tenda PW201A v1.0.5 was discovered to contain a buffer overflow in the page parameter of the SafeMacFilter function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted HTTP request.
References

Subscriptions

No data.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published:

Updated: 2026-06-09T18:12:36.850Z

Reserved: 2026-04-06T00:00:00.000Z

Link: CVE-2026-36802

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Deferred

Published: 2026-06-09T19:17:45.890

Modified: 2026-06-09T19:35:05.693

Link: CVE-2026-36802

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-06-09T22:30:14Z

Weaknesses