CVE-2026-36799 | Severity: HIGH | CNA: mitre

CVE-2026-36799: Shenzhen Tenda Technology Co

Shenzhen Tenda Technology Co., Ltd Tenda G0 v15.11.0.5 was discovered to contain a buffer overflow in the portalAuth parameter of the formPortalAuth function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted HTTP request.

Metrics

  • CVSS v3.1: 7.5
  • Severity: HIGH
  • Fixed in:
  • Affected Products: 1

HarborGuard Analysis

Synopsis

A buffer overflow vulnerability affects the Tenda G0 router firmware (v15.11.0.5), specifically in the portalAuth parameter of the formPortalAuth function. The flaw is reachable over the network with no authentication required and no user interaction needed, making it trivially exploitable by any remote attacker who can send HTTP requests to the device. Successful exploitation crashes the affected service, causing a denial of service. No fix version has been published; HarborGuard tracks the advisory for patch availability.

HarborGuard Coverage

Detection

Detection for CVE-2026-36799 is available across every HarborGuard environment, with the CVE matched against customer images within minutes of ingestion from upstream feeds, including custom-built images that bundle Tenda G0 firmware components. Any image in a customer registry or CI pipeline running the affected firmware version is flagged automatically.

Status: Available

Triage

HarborGuard scores this CVE at 7.5 HIGH using the provided CVSS v3.1 vector, and triage surfacing is available with per-environment compliance policy weighting applied. Findings are routed to the appropriate team inbox within each customer organization based on configured ownership rules.

Status: Available

Patch

Because no upstream fix version has been published for this CVE, HarborGuard re-checks the advisory on every ingest cycle and will make a patched-image rebuild available the moment an upstream fix is released. In the interim, compensating controls such as network-policy isolation of affected images are surfaced as recommended actions within the platform.

Status: Pending upstream

Exploit Conditions

  • Network reachability: Required

    The vulnerable formPortalAuth endpoint is exposed over the network, so an attacker must be able to send HTTP requests to the device across a network path.

  • Authentication: Not required

    No credentials or account of any kind are needed to trigger the overflow; an unauthenticated HTTP request is sufficient.

  • Victim interaction: Not required

    No user action is required; the attacker sends a crafted request directly to the service without any victim participation.

  • Attack complexity: Detail

    Exploitation is reliable and condition-free, requiring no special timing, memory layout knowledge, or environmental prerequisites.

Blast Radius

  • Crashes the affected Tenda G0 router service, taking down network routing or portal functionality for all connected users.
  • Sustained or repeated requests can keep the service in a crashed state, effectively producing a persistent denial of service.
  • No confidentiality or data-integrity impact is associated with this vulnerability; impact is limited to availability.

How HarborGuard Handles This

Available on HarborGuard: detection for CVE-2026-36799 is active across customer registries and pipelines, flagging any image that bundles the affected Tenda G0 firmware version. Because no upstream patch exists yet, the platform monitors the advisory on every ingest cycle and will surface a patched-image rebuild automatically the moment a fix version is published. For customers who opt into auto-remediation, that rebuild will trigger a regression run and a PR opened against affected workloads without manual intervention. In the interim, HarborGuard surfaces compensating-control recommendations including network-policy isolation to restrict HTTP access to affected devices, egress filtering to limit exposure of portal endpoints, and flagging the affected images for priority review in compliance dashboards.

Affected packages
  • n/a / n/a
    n/a
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H