CVE-2026-36958

Exploit

EPSS 0.34%
Veröffentlicht 30.04.2026 00:00:00
Zuletzt bearbeitet 05.05.2026 03:00:49
Quelle cve@mitre.org
CVE-Watchlists
Login
Unerledigt
Login

A denial-of-service vulnerability exists in the U-SPEED N300 V1.0.0 wireless router. By sending a large number of concurrent HTTP requests to random or non-existent endpoints on the web management interface, an attacker can exhaust system resources in the embedded Boa HTTP server. This causes the router web interface to become unresponsive and may require manual reboot to restore normal operation.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 5

NVD 1 VulnDex Vulnerability Enrichment 0

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

U-speed ≫ N300 Firmware Version1.0.0

U-speed ≫ N300 Version-

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.34%	0.26

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
134c704f-9b21-4f2e-91b3-4a467353bcc0	7.5	3.9	3.6	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-400 Uncontrolled Resource Consumption

The product does not properly control the allocation and maintenance of a limited resource, thereby enabling an actor to influence the amount of resources consumed, eventually leading to the exhaustion of available resources.

http://u-speed.com

Broken Link

https://github.com/kirubel-cve/CVE-2026-36958

Third Party Advisory

Exploit

https://nvd.nist.gov/vuln/detail/CVE-2026-36958

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2026-36958

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2026-36958

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2026-36958