Skip to main content

U-SPEED N300 EUVDEUVD-2026-26379

| CVE-2026-36958 HIGH
Uncontrolled Resource Consumption (CWE-400)
2026-04-30 mitre
7.5
CVSS 3.1 · Vendor: mitre
Share

Severity by source

Vendor (mitre) PRIMARY
7.5 HIGH
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Primary rating from Vendor (mitre) · only source for this CVE.

CVSS VectorVendor: mitre

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High

Lifecycle Timeline

5
Analysis Generated
Apr 30, 2026 - 17:45 vuln.today
CVSS changed
Apr 30, 2026 - 16:22 NVD
7.5 (None) 7.5 (HIGH)
EUVD ID Assigned
Apr 30, 2026 - 15:00 euvd
EUVD-2026-26379
Analysis Generated
Apr 30, 2026 - 15:00 vuln.today
CVE Published
Apr 30, 2026 - 00:00 nvd
HIGH 7.5

DescriptionCVE.org

A denial-of-service vulnerability exists in the U-SPEED N300 V1.0.0 wireless router. By sending a large number of concurrent HTTP requests to random or non-existent endpoints on the web management interface, an attacker can exhaust system resources in the embedded Boa HTTP server. This causes the router web interface to become unresponsive and may require manual reboot to restore normal operation.

AnalysisAI

Remote unauthenticated attackers can crash the U-SPEED N300 V1.0.0 wireless router by flooding its web management interface with concurrent HTTP requests to random or non-existent endpoints, exhausting resources in the embedded Boa HTTP server until manual reboot is required. SSVC framework confirms proof-of-concept exploit code exists and the attack is fully automatable. CVSS vector (AV:N/AC:L/PR:N/UI:N) indicates this is trivially exploitable from the internet without authentication, though impact is limited to availability disruption with no data compromise.

Technical ContextAI

This vulnerability affects the embedded Boa HTTP server implementation used in the U-SPEED N300 V1.0.0 wireless router's web management interface. The root cause is CWE-400 (Uncontrolled Resource Consumption), a classic resource exhaustion flaw where the HTTP server lacks proper request rate limiting, connection throttling, or resource allocation controls. When bombarded with concurrent requests to invalid URIs, the embedded web server exhausts available memory, file descriptors, or processing threads until it becomes unresponsive. Boa is a lightweight single-threaded HTTP server commonly used in embedded devices and IoT products due to its small footprint, but this efficiency comes at the cost of limited built-in protections against resource exhaustion attacks. The CPE data from NVD is incomplete (cpe:2.3:a:n/a:n/a), indicating potential gaps in vulnerability tracking databases for this vendor's products.

RemediationAI

No vendor-released patch has been identified in the available data - the primary vendor reference (http://u-speed.com) is a domain reference rather than a security advisory. Users should immediately check u-speed.com for firmware updates addressing CVE-2026-36958 and upgrade to any version newer than V1.0.0 if available. As a critical compensating control, restrict access to the router's web management interface to trusted internal networks only by disabling WAN-side administrative access in the router configuration (typically under Remote Management or WAN Access settings). Configure firewall rules to block external access to TCP ports 80 and 443 destined for the router's WAN IP address. If remote administration is absolutely required, implement VPN-based access rather than direct internet exposure, though this adds complexity and potential VPN-related vulnerabilities. Note that disabling WAN management may complicate remote troubleshooting for non-technical users. The GitHub reference (https://github.com/kirubel-cve/CVE-2026-36958) may contain proof-of-concept code useful for validation testing in isolated lab environments but should not be used against production systems without authorization.

More in N A

View all
CVE-2026-31072 CRITICAL POC
9.8 May 19

Remote code execution in APScheduler (all versions through 3.10.x and 4.0.0a5) is achievable when applications deseriali

CVE-2026-36356 CRITICAL POC
9.1 May 05

Unauthenticated remote OS command injection in MeiG Smart FORGE_SLT711 cellular gateway firmware MDM9607.LE.1.0-00110-ST

CVE-2026-31071 CRITICAL POC
9.1 May 19

Unauthenticated API access in LalanaChami Pharmacy Management System (commit 5c3d028) allows remote attackers to dump al

CVE-2025-66391 HIGH POC
8.8 Jun 17

In Citrix Cloud through 2025-11-10, an account with read-only access can trigger the beginning of a workflow for write o

CVE-2026-26740 HIGH POC
8.2 Mar 18

Giflib 5.2.2 contains a buffer overflow in the EGifGCBToExtension function that fails to validate allocated memory when

CVE-2025-60464 HIGH POC
7.8 Jun 25

Denial of service in GPAC's MP4Box multimedia tool (versions before 26.02.0) arises from a use-after-free in the gf_sei_

CVE-2026-36355 HIGH POC
7.7 May 05

Arbitrary kernel memory read/write in Realtek rtl819x Jungle SDK Wi-Fi driver allows local unprivileged attackers to acc

CVE-2025-60474 HIGH POC
7.5 Jun 24

Denial of service in GPAC's MP4Box/libgpac media importer (versions before 26.02.0) lets an attacker crash the tool by s

CVE-2026-38639 HIGH POC
7.5 Jun 26

An issue in the parse_month function (/time/strptime.rs) of relibc commit ab6a2e allows attackers to cause a Denial of S

CVE-2026-38641 HIGH POC
7.5 Jun 26

Denial of service in relibc (the Redox OS C standard library) at commit 61f42d allows attackers to crash a process by ge

CVE-2026-38637 HIGH POC
7.5 Jun 25

An issue in the pthread_rwlockattr_setpshared() function of relibc commit 61f42d allows attackers to cause a Denial of S

CVE-2026-38640 HIGH POC
7.5 Jun 25

Denial of service in relibc (the Redox OS C standard library implementation, commit 61f42d) lets attackers crash a proce

Share

EUVD-2026-26379 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy