CVE-2026-36957

HIGH

Dbit N300 T1 Pro Easy Setup Wireless Wi-Fi Router V1.0.0 - DoS

Title source: llm

Description

Dbit N300 T1 Pro Easy Setup Wireless Wi-Fi Router V1.0.0 is vulnerable to Denial of Service via the boa web server URI handler. By initiating a high-volume flood of HTTP GET requests to non-existent URIs, an attacker can exhaust critical system resources, including file descriptors and memory buffers. This results in a kernel deadlock or system hang that disables the web management portal and all routing capabilities.

Exploits (1)

github WORKING POC

by kirubel-cve · poc

https://github.com/kirubel-cve/CVE-2026-36957

View Code ZIP pw:eip

References (2)

Core 2

Core References

http://dbit.com

https://github.com/kirubel-cve/CVE-2026-36957

Scores

CVSS v3 7.5

EPSS 0.0004

EPSS Percentile 11.0%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CISA SSVC

Vulnrichment

Exploitation poc

Automatable yes

Technical Impact partial

Details

CWE

CWE-400

Status published

Products (1)

dbitnet/dbit_n300_t1_pro_firmware 1.0.0

Published Apr 30, 2026

Tracked Since Apr 30, 2026