← Back

CVE-2026-36958

nvd nist
Published: Apr 30, 2026Modified: May 5, 2026

JSON object

Loading...
7.5
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Exploitability: 3.9 / Impact: 3.6
Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0 (Secondary)

Description

A denial-of-service vulnerability exists in the U-SPEED N300 V1.0.0 wireless router. By sending a large number of concurrent HTTP requests to random or non-existent endpoints on the web management interface, an attacker can exhaust system resources in the embedded Boa HTTP server. This causes the router web interface to become unresponsive and may require manual reboot to restore normal operation.

Affected (1)

U Speed
1 product
N300 Firmware
Configuration A
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
N300 Firmware
Version 1.0.0
Running on/withPlatform Versions
U Speed
N300
All versions

Related CWEs

CWE-400
Uncontrolled Resource Consumption
The product does not properly control the allocation and maintenance of a limited resource, thereby enabling an actor to influence the amount of resources consumed, eventually leading to the exhaustion of available resources.

References (2)

Source: cve@mitre.org
Broken Link
Source: cve@mitre.org
ExploitThird Party Advisory

Timeline

No history available yet.