CVE-2026-11499

Vulnerability

A stack-based buffer overflow vulnerability exists in the formDOMAINBLK function within the /boaform/formDOMAINBLK web interface of Tenda HG7, HG9, and HG10 routers, specifically affecting firmware version 300001138_en_xpon. The vulnerability arises from insufficient validation of the blkDomain parameter, allowing user-controlled input to overwrite stack buffers [1].

Exploitation

An unauthenticated attacker with network access to the router's web management interface can exploit this vulnerability. By sending a specially crafted request with a manipulated blkDomain argument to the /boaform/formDOMAINBLK endpoint, the attacker can trigger the buffer overflow [1].

Impact

Successful exploitation can lead to a denial-of-service condition by crashing the Boa web service. Depending on the runtime environment and existing protections, there is also a potential for arbitrary code execution, compromising the device [1].

Mitigation

No patched version or specific mitigation details are available in the provided references. The vendor website offers general product information but no security advisories for this vulnerability [1, 2].