CVE-2026-36957

EUVD-2026-26378
Dbit N300 T1 Pro Easy Setup Wireless Wi-Fi Router V1.0.0 is vulnerable to Denial of Service via the boa web server URI handler. By initiating a high-volume flood of HTTP GET requests to non-existent URIs, an attacker can exhaust critical system resources, including file descriptors and memory buffers. This results in a kernel deadlock or system hang that disables the web management portal and all routing capabilities.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.5 HIGH
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 22%
Affected Products (NVD)
VendorProductVersion
dbitnetdbit_n300_t1_pro_firmware
1.0.0
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://dbit.com
https://github.com/kirubel-cve/CVE-2026-36957
https://github.com/kirubel-cve/CVE-2026-36957