Severity: HIGH | CVE-2026-36792 | CNA: mitre

CVE-2026-36792: Shenzhen Tenda Technology Co

Shenzhen Tenda Technology Co., Ltd Tenda W3 Wireless Router v1.0.0.3(2204) was discovered to contain a stack overflow in the wl_radio parameter of the formWifiRadioSet function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted HTTP request.

Metrics

CVSS v3.1: 7.5
Severity: HIGH
Fixed in: none published
Affected Products: 1


HarborGuard Analysis

Synopsis

A stack-based buffer overflow exists in the formWifiRadioSet function of the Tenda W3 Wireless Router firmware v1.0.0.3(2204), specifically in the wl_radio parameter. The vulnerability is reachable over the network with no authentication required and no user interaction needed. Successful exploitation crashes the affected service, causing a denial of service. No fix version has been published; HarborGuard tracks this advisory for patch availability.

HarborGuard Coverage

Detection: Available

Detection for CVE-2026-36792 is available across every HarborGuard environment, with the CVE matched against customer images within minutes of ingestion from upstream advisory feeds, including custom-built images that incorporate affected Tenda W3 firmware components.

Triage: Available

Triage is available using the CVSS v3.1 score of 7.5 (HIGH), with per-environment compliance policy weighting applied to surface the finding to the appropriate team inbox inside each customer organization.

Patch: Pending upstream

No fix version has been published upstream. HarborGuard re-checks this advisory on every ingest cycle and will make a patched-image rebuild available the moment an upstream fix is released.

Exploit Conditions

  • Network reachability: Required

    The vulnerable HTTP endpoint is exposed over the network, so an attacker must be able to reach the device's web interface to send a crafted request.

  • Authentication: Not required

    No credentials are needed; the attacker can send a malicious request as an unauthenticated caller.

  • Victim interaction: Not required

    The exploit requires no action from any user or administrator on the target device.

  • Attack complexity: Detail

    Attack complexity is low, meaning the exploit is reliable and requires no special conditions, race timing, or environmental prerequisites.

Blast Radius

  • The affected router process crashes, taking down wireless radio configuration handling and disrupting network connectivity for all devices on the affected segment.
  • No confidentiality impact is associated with this vulnerability; stored credentials and configuration data are not exposed by the overflow.
  • No integrity impact is present; the attacker cannot modify persisted settings or routing tables through this exploit path.

How HarborGuard Handles This

Available on HarborGuard: detection for this CVE is matched against customer images on every scan cycle, covering both registry images and images built in CI pipelines. Because no upstream fix exists yet, HarborGuard monitors the advisory continuously and will surface a patched-image rebuild the moment a fix version is published. In the interim, customers can apply compensating controls through HarborGuard network policy recommendations, such as restricting ingress to the router management HTTP interface via network-policy isolation and egress filtering rules, to reduce exposure. For customers with auto-remediation enabled, a rebuilt image and regression test run will be triggered automatically as soon as an upstream patch is available.

Affected packages
  • n/a / n/a
    n/a
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H