CVE-2026-36822

Vulnerability

A buffer overflow vulnerability exists in the formDelStaState function of Shenzhen Tenda Technology Co., Ltd Tenda W20E version 15.11.0.6. The vulnerability is triggered by the macAddr parameter, which is processed by websGetVar and subsequently used in memcpy without proper bounds checking. The vulnerable code path is reachable via a crafted HTTP request to the formDelStaState CGI endpoint [1].

Exploitation

An attacker can exploit this vulnerability by sending a crafted HTTP request to the formDelStaState CGI endpoint. The request must include a long string for the macAddr parameter, such as a*888 + ',' or longer. This crafted parameter will cause a buffer overflow when copied into a fixed-size buffer within the formDelStaState function [1].

Impact

Successful exploitation of this vulnerability results in a Denial of Service (DoS) condition. This can manifest as a process crash or device instability, rendering the Tenda W20E router inoperable for legitimate users [1].

Mitigation

No patched version or specific mitigation details are available in the provided references. The latest version mentioned is V16.01.0.6, but it is not confirmed if this version addresses the vulnerability. Users are advised to check for official updates from Tenda Technology.