CVE-2026-36821

HIGH NVD

CVSS Score 7.5

Severity HIGH

Published Jun 09, 2026

Vendor unknown

Description

Shenzhen Tenda Technology Co., Ltd Tenda W20E v15.11.0.6 was discovered to contain a buffer overflow in the picCropName parameter of the formCropAndSetWewifiPic function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted HTTP request.

References

https://github.com/xhh0124/SemVulLLM/tree/main/W20E/formCropAndSetWewifiPic