CVE-2026-36817

Vulnerability

A buffer overflow vulnerability exists in the formAddWebAuthWhiteUser function of Tenda W15E firmware version v15.11.0.10. The vulnerability is triggered when processing the webAuthWhiteUserInfo parameter, which is retrieved using websGetVar. The strncpy function is used without proper bounds checking on the length of the input, leading to the overflow [1].

Exploitation

An attacker can exploit this vulnerability by sending a crafted HTTP request to the formAddWebAuthWhiteUser CGI endpoint. The request must include a webAuthWhiteUserInfo parameter with a value that is excessively long, for example, a string of approximately 500 or more characters followed by a newline character, causing strncpy to write beyond the allocated buffer [1].

Impact

Successful exploitation of this vulnerability can lead to a Denial of Service (DoS) condition. This may manifest as a process crash or general device instability, rendering the device inoperable for legitimate users [1].

Mitigation

As of the available references, a patched version or specific mitigation steps have not yet been disclosed. Users are advised to monitor official Tenda advisories for updates regarding this vulnerability [1].