Description
A denial-of-service vulnerability exists in the U-SPEED N300 V1.0.0 wireless router. By sending a large number of concurrent HTTP requests to random or non-existent endpoints on the web management interface, an attacker can exhaust system resources in the embedded Boa HTTP server. This causes the router web interface to become unresponsive and may require manual reboot to restore normal operation.
Published: 2026-04-30
Score: 7.5 High
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

A high volume of concurrent HTTP requests targeted at the web management interface of the U‑SPEED N300 router overloads its embedded Boa HTTP server, rapidly exhausting memory and file descriptor resources. This resource exhaustion renders the web interface unresponsive, effectively denying administrators access to manage the device until a manual reboot restores service.

Affected Systems

U‑SPEED N300 wireless router, version V1.0.0, is the only product listed as affected by this denial‑of‑service flaw.

Risk and Exploitability

The vulnerability can be exercised remotely by any host that can reach the router’s management interface, without authentication. An attacker floods the interface with many concurrent requests to random or non‑existent endpoints until the server depletes its resources. The CVSS score of 7.5 reflects high severity. The EPSS metric is very low (<1%), indicating a small likelihood of exploitation, and the flaw is not in CISA’s KEV catalog, suggesting limited or no known active exploitation. The risk remains if the router is exposed to untrusted networks.

Generated by OpenCVE AI on May 2, 2026 at 10:56 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade the router’s firmware to a version that contains a fix for the Boa HTTP server resource exhaustion issue, if the vendor publishes an update.
  • If no firmware update is available, restrict the web management interface to a trusted internal network or a VPN, blocking direct HTTP access from untrusted sources.
  • Implement network‑level rate limiting or firewall rules to throttle excessive HTTP requests directed at the router’s management port, thereby reducing the likelihood of successful resource exhaustion.
  • Regularly monitor router logs for unusually high volumes of HTTP traffic and reboot the device proactively if sustained abuse is detected.
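
One way to implement the monitoring action above is sketched here as an added example; it is not code from OpenCVE or the vendor. It assumes the requests are logged in Common Log Format by a proxy or firewall in front of the management interface (the router's own log format is not given on this page), and the thresholds are illustrative. It flags a source whose 404 responses within a sliding window exceed a count while spanning many distinct paths, which matches the "random or non-existent endpoints" pattern in the description.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta, timezone

# Assumed Common Log Format; the router's own log format is not given on this page.
LINE = re.compile(r'(?P<src>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
                  r'"\S+ (?P<path>\S+) [^"]*" (?P<status>\d{3}) \S+')

def parse(line):
    """Return (source, timestamp, path, status) or None for a malformed line."""
    m = LINE.match(line)
    if not m:
        return None
    ts = datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S %z")
    return m["src"], ts, m["path"], int(m["status"])

def detect_floods(lines, window_s=10, max_404=20, min_distinct=10):
    """Map each source to the time its 404s inside one sliding window first
    exceeded max_404 while touching at least min_distinct different paths."""
    window = timedelta(seconds=window_s)
    recent = defaultdict(deque)  # source -> (timestamp, path) of recent 404s
    alerts = {}
    for line in lines:
        rec = parse(line)
        if rec is None or rec[3] != 404:
            continue
        src, ts, path, _ = rec
        q = recent[src]
        q.append((ts, path))
        while ts - q[0][0] > window:  # expire entries older than the window
            q.popleft()
        if src not in alerts and len(q) > max_404 \
                and len({p for _, p in q}) >= min_distinct:
            alerts[src] = ts
    return alerts

def sample_log():
    """Constructed data: an admin, a slow prober, and one flooding source."""
    t0 = datetime(2026, 5, 1, 12, 0, 0, tzinfo=timezone.utc)
    rows = [(0, "192.0.2.10", "/index.html", 200), (1, "192.0.2.10", "/favicon.ico", 404)]
    rows += [(i * 10, "192.0.2.50", f"/old{i}", 404) for i in range(15)]
    rows += [(20 + i // 10, "192.0.2.77", f"/x{i}", 404) for i in range(40)]
    return ['{} - - [{}] "GET {} HTTP/1.1" {} 0'.format(
                src, (t0 + timedelta(seconds=s)).strftime("%d/%b/%Y:%H:%M:%S %z"), path, st)
            for s, src, path, st in sorted(rows)]

if __name__ == "__main__":
    for src, ts in detect_floods(sample_log()).items():
        print(f"possible HTTP flood from {src}, first seen {ts.isoformat()}")
```

The slow prober in the sample (one 404 every 10 seconds) stays below the threshold, so only the burst source is reported; tune `window_s` and `max_404` to the device's normal administrative traffic.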



Advisories

No advisories yet.

History

Tue, 05 May 2026 03:15:00 +0000

Type | Values Removed | Values Added
First Time appeared | | U-speed n300, U-speed n300 Firmware
CPEs | | cpe:2.3:h:u-speed:n300:-:*:*:*:*:*:*:*, cpe:2.3:o:u-speed:n300_firmware:1.0.0:*:*:*:*:*:*:*
Vendors & Products | | U-speed n300, U-speed n300 Firmware

Sat, 02 May 2026 11:15:00 +0000

Type | Values Removed | Values Added
Title | | Denial of Service via HTTP Flood on U‑SPEED N300 Router

Fri, 01 May 2026 08:45:00 +0000

Type | Values Removed | Values Added
First Time appeared | | U-speed, U-speed n300 Router
Vendors & Products | | U-speed, U-speed n300 Router

Thu, 30 Apr 2026 16:30:00 +0000

Type | Values Removed | Values Added
Weaknesses | | CWE-400
Metrics | | cvssV3_1: {'score': 7.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H'}
Metrics | | ssvc: {'options': {'Automatable': 'yes', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Thu, 30 Apr 2026 15:00:00 +0000

Type | Values Removed | Values Added
Description | | A denial-of-service vulnerability exists in the U-SPEED N300 V1.0.0 wireless router. By sending a large number of concurrent HTTP requests to random or non-existent endpoints on the web management interface, an attacker can exhaust system resources in the embedded Boa HTTP server. This causes the router web interface to become unresponsive and may require manual reboot to restore normal operation.
References | |

MITRE

Status: PUBLISHED

Assigner: mitre

Published:

Updated: 2026-04-30T15:37:28.828Z

Reserved: 2026-04-06T00:00:00.000Z

Link: CVE-2026-36958

Vulnrichment

Updated: 2026-04-30T15:35:47.324Z

NVD

Status : Analyzed

Published: 2026-04-30T15:16:22.963

Modified: 2026-05-05T03:00:49.310

Link: CVE-2026-36958

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-05-02T11:00:06Z
