CVE-2026-36956
Dbitnet · Dbit_n300_t1_pro_firmware
Vulnerability data via NVD (ingested)
A Cross-Site Request Forgery (CSRF) vulnerability exists in the web management interface of the Dbit N300 T1 Pro wireless router V1.0.0. The router fails to implement proper CSRF protection mechanisms such as anti-CSRF tokens or strict Origin/Referer validation for administrative API endpoints. An attacker can craft a malicious webpage that sends forged HTTP requests to configuration endpoints such as /api/setWlan. If an authenticated administrator visits the malicious webpage, the victim's browser automatically includes the valid session cookie in the request, allowing the router to process the request as a legitimate administrative action.
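The two protections the description says are missing, written as a server-side check for state-changing requests such as those to /api/setWlan. This is an added example, not the vendor's code. The management origin http://192.168.0.1, the X-CSRF-Token header name, the per-boot secret and the sample requests are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets
from urllib.parse import urlsplit

# Assumptions (not from the advisory): management origin, header name, secret.
TRUSTED_ORIGINS = {"http://192.168.0.1"}
SERVER_SECRET = secrets.token_bytes(32)  # regenerated on every boot
SAFE_METHODS = {"GET", "HEAD", "OPTIONS"}


def issue_token(session_id: str) -> str:
    """Token bound to the session; embedded in the admin UI, never sent as a cookie."""
    return hmac.new(SERVER_SECRET, session_id.encode(), hashlib.sha256).hexdigest()


def _origin_of(url: str) -> str:
    """Reduce an Origin or Referer value to scheme://host[:port]."""
    parts = urlsplit(url)
    return f"{parts.scheme}://{parts.netloc}".lower()


def check_request(method, headers, session_id):
    """Return (allowed, reason) for a request that already carries a valid session cookie."""
    if method.upper() in SAFE_METHODS:
        return True, "safe method"
    h = {k.lower(): v for k, v in headers.items()}
    # Strict Origin/Referer validation: a missing header is treated as a failure.
    source = h.get("origin") or h.get("referer")
    if not source or _origin_of(source) not in TRUSTED_ORIGINS:
        return False, "origin/referer missing or untrusted"
    # Anti-CSRF token: a cross-site page cannot read it, so it cannot send it.
    sent = h.get("x-csrf-token", "").encode()
    if not hmac.compare_digest(sent, issue_token(session_id).encode()):
        return False, "csrf token missing or invalid"
    return True, "ok"


# Constructed sample requests; every one carries the same valid session cookie.
SID = "constructed-session-id"
FORGED = {"Origin": "http://attacker.example", "Cookie": "session=" + SID}
NO_TOKEN = {"Origin": "http://192.168.0.1", "Cookie": "session=" + SID}
LEGIT = dict(NO_TOKEN, **{"X-CSRF-Token": issue_token(SID)})

if __name__ == "__main__":
    for name, hdrs in [("forged", FORGED), ("no token", NO_TOKEN), ("legit", LEGIT)]:
        print(name, check_request("POST", hdrs, SID))
```

The session cookie alone never satisfies the check, which is the property the vulnerable firmware lacks.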
Search for exposed instances
Shodan + Censys queries derived from NVD's CPE data. The vuln tag catches assets Shodan has explicitly linked to this CVE; the product / banner fingerprints find exposed instances even when the vuln tag was never applied (which is common).
vuln:CVE-2026-36956
os:"Dbit N300 T1 Pro Firmware"
vulnerabilities.cve_id: CVE-2026-36956
"CVE-2026-36956" exploit -site:nvd.nist.gov