CVE-2026-36797 | Severity: HIGH | CNA: mitre

CVE-2026-36797: Shenzhen Tenda Technology Co

Shenzhen Tenda Technology Co., Ltd Tenda G0 v15.11.0.5 was discovered to contain a stack overflow in the IPMacBindRuleIp parameter of the formIPMacBindModify function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted HTTP request.

Metrics

CVSS v3.1: 7.5
Severity: HIGH
Fixed in: (none listed)
Affected Products: 1


HarborGuard Analysis

Synopsis

A stack-based buffer overflow affects Tenda G0 firmware version 15.11.0.5, specifically in the formIPMacBindModify function when processing the IPMacBindRuleIp parameter. The vulnerability is reachable over the network with no authentication required and no user interaction needed, meaning any attacker who can send HTTP requests to the device can trigger it. Successful exploitation crashes the affected service, causing a denial of service. No fix version has been published; HarborGuard tracks the advisory for patch availability.

HarborGuard Coverage

Detection

Detection is available across every HarborGuard environment, with the CVE matched against customer images within minutes of ingestion from upstream advisory feeds, including custom-built images that incorporate affected Tenda G0 firmware. Any image containing the vulnerable firmware version is flagged automatically as new scan cycles complete.

Status: Available

Triage

HarborGuard is capable of scoring this CVE at CVSS 7.5 (HIGH) and weighting that score against each customer environment's compliance policy to determine urgency. Triage routing is available to surface findings to the appropriate team inbox within each customer organization based on policy configuration.

Status: Available

Patch

Because no upstream fix version has been published for this CVE, HarborGuard re-checks the advisory on each ingest cycle and will make a patched-image rebuild available the moment an upstream fix is released. In the interim, customers can review available compensating controls through the HarborGuard advisory detail page.

Status: Pending upstream

Exploit Conditions

  • Network reachability: Required

    The attacker must reach the device's HTTP service over the network; no local or physical access is required.

  • Authentication: Not required

    No credentials are needed; the vulnerable HTTP endpoint accepts unauthenticated requests.

  • Victim interaction: Not required

    The attacker sends a crafted HTTP request directly to the device; no action from any user is required.

  • Attack complexity: Detail

    Exploitation is reliable and condition-free; no race conditions or specific memory layout dependencies are involved.

Blast Radius

  • The affected service crashes, taking the Tenda G0 device offline and severing network connectivity for hosts that depend on it.
  • Repeated exploitation keeps the device in a crashed or unavailable state, sustaining the denial of service indefinitely.
  • No confidentiality or data-integrity impact is present; the exploit is limited to availability disruption.

How HarborGuard Handles This

Available on HarborGuard: continuous monitoring of this advisory is active, with the CVE matched against all customer images on every ingest cycle. Because no upstream patch exists, HarborGuard will make a patched-image rebuild available automatically the moment a fix version is published. While waiting for an upstream fix, customers can use HarborGuard network-policy recommendations to restrict inbound HTTP access to the affected device management interface, reducing the exposed attack surface. For customers with auto-remediation enabled, the rebuild-and-PR flow will trigger without manual intervention as soon as a fix version is confirmed.

Affected packages
  • n/a / n/a
    n/a
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H