What is CVE-2026-36956?

CVE-2026-36956 is a high-severity vulnerability in Dbitnet Dbit_n300_t1_pro, classified under Cross-Site Request Forgery (CSRF). CVSS score: 8.8/10. Published 2026-04-30.

How severe is CVE-2026-36956?

High severity. CVSS v3 base score is 8.8 out of 10.

Is CVE-2026-36956 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

CSRF in Dbitnet Dbit_n300_t1_pro

CVE-2026-36956

A Cross-Site Request Forgery (CSRF) vulnerability exists in the web management interface of the Dbit N300 T1 Pro wireless router V1.0.0. The router fails to implement proper CSRF protection mechanisms such as anti-CSRF tokens or strict Ori…

Vulnerability class: CSRF (Cross-Site Request Forgery)

EPSS: 0.000 (5.8th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 8.8 (High). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H.

Affected products

Dbitnet Dbit_n300_t1_pro
Dbitnet Dbit_n300_t1_pro_firmware — versions 1.0.0
N/a — versions n/a

Weakness classification (CWE)

CWE-352 — Cross-Site Request Forgery (CSRF)

Public proof-of-concept exploits

kirubel-cve/CVE-2026-36956

References

cve@mitre.org (Not Applicable)
cve@mitre.org (Exploit, Third Party Advisory)

Frequently asked questions

What is CVE-2026-36956?: CVE-2026-36956 is a high-severity vulnerability in Dbitnet Dbit_n300_t1_pro, classified under Cross-Site Request Forgery (CSRF). CVSS score: 8.8/10. Published 2026-04-30.
How severe is CVE-2026-36956?: High severity. CVSS v3 base score is 8.8 out of 10.
Is CVE-2026-36956 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.