HIGH | CVE-2026-36801 | CNA: mitre

CVE-2026-36801: Shenzhen Tenda Technology Co

Shenzhen Tenda Technology Co., Ltd Tenda G0 v15.11.0.5 was discovered to contain a buffer overflow in the IPMacBindRule parameter of the formIPMacBindAdd function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted HTTP request.

Metrics

CVSS v3.1: 7.5
Severity: HIGH
Fixed in: (none listed)
Affected Products: 1


HarborGuard Analysis

Synopsis

A buffer overflow vulnerability affects the Tenda G0 router (firmware v15.11.0.5), specifically in the formIPMacBindAdd function when processing the IPMacBindRule parameter. The flaw is reachable over the network with no authentication required and no user interaction needed, making it trivially exploitable by any remote attacker. Successful exploitation crashes the affected device, causing a denial of service. No fix version has been published; HarborGuard tracks this advisory for patch availability.

HarborGuard Coverage

Detection (Available)

Detection is available across every HarborGuard environment: the CVE is ingested from upstream feeds within minutes of publication and matched against customer images, including custom-built images that bundle affected Tenda G0 firmware or related components. Any image found carrying the vulnerable firmware version is flagged immediately.

Triage (Available)

HarborGuard can score this finding at CVSS 7.5 (HIGH) and weight it against each customer environment's compliance policy to determine urgency. Triage routing is available to direct findings to the appropriate team inbox within each customer organization.

Patch (Pending upstream)

Because no upstream fix version has been published, HarborGuard re-checks the advisory on every ingest cycle and will make a patched-image rebuild available the moment an upstream fix is released. In the interim, the finding remains open and visible in each affected environment's dashboard.

Exploit Conditions

  • Network reachability: Required

    The vulnerable function is exposed over the network via HTTP, so an attacker must be able to reach the device's web interface across the network.

  • Authentication: Not required

    No credentials or prior account access are needed; the attack can be launched by any unauthenticated remote party.

  • Victim interaction: Not required

    No action is required from a user or administrator on the target device for the exploit to succeed.

  • Attack complexity: Detail

    Exploitation is reliable and condition-free; the attacker only needs to send a crafted HTTP request with no dependency on race conditions or specific memory layout.

Blast Radius

  • Crashes the Tenda G0 router process or device, taking it offline and severing network connectivity for all hosts behind it.
  • Sustained or repeated requests can keep the device in a crashed or reboot loop, preventing recovery without physical intervention.
  • No confidentiality or data-modification impact is indicated; the sole effect is loss of availability of the affected device.

How HarborGuard Handles This

Available on HarborGuard: detection for CVE-2026-36801 is active, and any customer image found containing the affected Tenda G0 firmware component (v15.11.0.5) is flagged at HIGH severity within minutes of the image being scanned. Because no upstream patch exists, HarborGuard monitors the advisory on every ingest cycle and will automatically make a patched-image rebuild available and, for customers with auto-remediation enabled, will open a PR against affected workloads the moment a fix version is published. While no fix is available, compensating controls worth considering include isolating the router management interface behind a firewall or network policy rule that blocks untrusted sources from reaching the HTTP admin port, and applying egress filtering to limit lateral reachability from a crashed or compromised device. The finding remains visible in the open-findings queue until an upstream fix is confirmed.

Affected packages
  • n/a / n/a
    n/a
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H