Denial of Service Vulnerability in Tenda O3 Wireless Router by Shenzhen Tenda Technology Co., Ltd
CVE-2026-36778

4.9MEDIUM

Key Information:

Vendor: Shenzhen Tenda Technology Co., Ltd
Status: Tenda O3 Wireless Router
Vendor: CVE Published:; 9 June 2026

🔔 Create Shenzhen Tenda Technology Co., Ltd Vulnerability Alert

What is CVE-2026-36778?

A stack overflow vulnerability has been identified in the username parameter of the R7WebsSecurityHandler function in the Tenda O3 Wireless Router. This flaw enables remote attackers to exploit the device through specially crafted HTTP requests, resulting in a Denial of Service condition. Remediation is essential to prevent potential disruptions in service.

References

https://github.com/xhh0124/SemVulLLM/tree/main/O3/R7WebsS...

CVSS V3.1

Score:

4.9

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 9, 2026
Vulnerability Reserved
Apr 6, 2026

CVE-2026-36778 Data

JSON