VYPR

Hg10 Firmware

by Tenda

CVEs (4)

  • CVE-2026-6988HigApr 25, 2026
    risk 0.57cvss 8.8epss 0.01

    A flaw has been found in Tenda HG10 HG7_HG9_HG10re_300001138_en_xpon. This issue affects the function formRoute of the file /boaform/formRouting of the component Boa Service. This manipulation of the argument nextHop causes buffer overflow. It is possible to initiate the attack…

  • CVE-2026-1689HigJan 30, 2026
    risk 0.48cvss 7.3epss 0.03

    A vulnerability was detected in Tenda HG10 US_HG7_HG9_HG10re_300001138_en_xpon. The impacted element is the function checkUserFromLanOrWan of the file /boaform/admin/formLogin of the component Login Interface. The manipulation of the argument Host results in command injection.…

  • CVE-2026-1687HigJan 30, 2026
    risk 0.48cvss 7.3epss 0.03

    A weakness has been identified in Tenda HG10 US_HG7_HG9_HG10re_300001138_en_xpon. Impacted is an unknown function of the file /boaform/formSamba of the component Boa Webserver. Executing a manipulation of the argument serverString can lead to command injection. It is possible to…

  • CVE-2026-1690MedJan 30, 2026
    risk 0.31cvss 4.7epss 0.04

    A flaw has been found in Tenda HG10 US_HG7_HG9_HG10re_300001138_en_xpon. This affects the function system of the file /boaform/formSysCmd. This manipulation of the argument sysCmd causes command injection. The attack may be initiated remotely. The exploit has been published and…