HarborGuardharborguardDatabase
Back to search
HIGHCVE-2026-36807Published Modified CNA mitre

CVE-2026-36807: Shenzhen Tenda Technology Co

Shenzhen Tenda Technology Co., Ltd Tenda W15E v15.11.0.10 was discovered to contain a buffer overflow in the webAuthUserPwd parameter of the formAddWebAuthUser function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted HTTP request.

Metrics

CVSS v3.1
7.5
Severity
HIGH
Fixed in
Affected Products
1

Get notified

Email me when this CVE is updated: new fix versions, severity changes, or any record change.

HarborGuard Analysis

Synopsis

A stack-based buffer overflow exists in the Tenda W15E router firmware (v15.11.0.10), specifically in the webAuthUserPwd parameter of the formAddWebAuthUser HTTP endpoint. The flaw is reachable over the network with no authentication required and no user interaction needed. Successful exploitation crashes the affected service, causing a denial of service. HarborGuard is tracking this advisory and will make a patched-image rebuild available as soon as an upstream fix is published.

HarborGuard Coverage

Detection

Detection for CVE-2026-36807 is available across every HarborGuard environment, with the CVE matched against customer images within minutes of ingestion from upstream feeds, including custom-built images that incorporate affected Tenda firmware components.

Available
Triage

Triage is available using the CVSS v3.1 base score of 7.5 (HIGH), with per-environment compliance policy weighting applied to prioritize routing to the appropriate team inbox within each customer org.

Available
Patch

Because no fix version has been published upstream, HarborGuard re-checks the advisory on every ingest cycle and will make a patched-image rebuild available the moment an upstream fix is released. For customers with auto-remediation enabled, the rebuild, regression run, and PR against affected workloads will be triggered automatically at that point.

Pending upstream

Exploit Conditions

  • Network reachabilityRequired

    The vulnerable HTTP endpoint is exposed over the network, so an attacker must be able to reach the device's web interface to send a crafted request.

  • AuthenticationNot required

    No credentials are needed; the vulnerable parameter is accessible on an unauthenticated HTTP endpoint.

  • Victim interactionNot required

    No user action is needed on the target device; the attacker sends a crafted HTTP request directly.

  • Attack complexityDetail

    The exploit is reliable and condition-free, requiring no race conditions or special environmental setup beyond network access.

Blast Radius

  • Crashes the web authentication service on the affected Tenda W15E device, making it unresponsive.
  • Disrupts any active user authentication sessions managed by the formAddWebAuthUser function.
  • Renders the administrative web interface unavailable until the device is restarted.

How HarborGuard Handles This

Available on HarborGuard: since no upstream fix exists for CVE-2026-36807 at this time, HarborGuard continuously monitors the advisory on every ingest cycle and will trigger a patched-image rebuild the moment a fix version is published. For customers with auto-remediation enabled, that rebuild will be followed by a regression test run and a PR opened against affected workloads automatically. In the interim, compensating controls worth considering include network-policy rules that restrict access to the Tenda W15E management interface to trusted subnets only, egress filtering to reduce the attack surface, and feature-flag or firewall gating on the web authentication endpoint where the platform permits it.

See how HarborGuard automates this
Affected packages
  • n/a / n/a
    n/a
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
References