Stack Overflow Vulnerability in Tenda W3 Wireless Router by Shenzhen Tenda Technology Co., Ltd
CVE-2026-36777

6.5MEDIUM

Key Information:

Vendor: Shenzhen Tenda Technology Co., Ltd
Status: Tenda W3 Wireless Router
Vendor: CVE Published:; 9 June 2026

🔔 Create Shenzhen Tenda Technology Co., Ltd Vulnerability Alert

What is CVE-2026-36777?

A stack overflow vulnerability has been identified in the Tenda W3 Wireless Router, specifically in the param_1 parameter of the formSetCfm function. This flaw allows attackers to exploit the device by sending specially crafted HTTP requests, resulting in a Denial of Service (DoS). Successful exploitation may lead to the router becoming unresponsive, potentially impacting the availability of network services. Users are advised to monitor their devices and apply security measures to mitigate risks associated with this vulnerability.

References

https://github.com/xhh0124/SemVulLLM/tree/main/W3/formSetCfm

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Adjacent Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 9, 2026
Vulnerability Reserved
Apr 6, 2026

CVE-2026-36777 Data

JSON