VYPR

HG9

by Tenda

CVEs (10)

  • CVE-2026-11499CriJun 8, 2026
    risk 0.64cvss 9.8epss 0.07

    A vulnerability was determined in Tenda HG7HG9 and HG10 300001138_en_xpon. This affects the function formDOMAINBLK of the file /boaform/formDOMAINBLK. Executing a manipulation of the argument blkDomain can lead to stack-based buffer overflow. The attack may be performed from…

  • CVE-2022-30023HigJun 16, 2022
    risk 0.61cvss 8.8epss 0.44

    Tenda ONT GPON AC1200 Dual band WiFi HG9 v1.0.1 is vulnerable to Command Injection via the Ping function.

  • CVE-2026-11553HigJun 8, 2026
    risk 0.57cvss 8.8epss 0.00

    A vulnerability was found in Tenda HG7HG9 and HG10 300001138_en_xpon. This affects the function formPPPEdit of the file /boaform/formPPPEdit. The manipulation of the argument encodename results in stack-based buffer overflow. The attack can be launched remotely. The exploit has…

  • CVE-2026-11498HigJun 8, 2026
    risk 0.57cvss 8.8epss 0.04

    A vulnerability was found in Tenda HG7HG9 and HG10 300001138_en_xpon. Affected by this issue is the function asp_voip_OtherSet of the file /boaform/voip_other_set of the component Web Management Interface. Performing a manipulation of the argument funckey_transfer results in…

  • CVE-2026-2910Feb 22, 2026
    risk 0.00cvss epss 0.03

    A flaw has been found in Tenda HG9 300001138. This vulnerability affects unknown code of the file /boaform/formPing6. Executing a manipulation of the argument pingAddr can lead to stack-based buffer overflow. The attack may be performed from remote. The exploit has been…

  • CVE-2026-2909Feb 22, 2026
    risk 0.00cvss epss 0.01

    A vulnerability was detected in Tenda HG9 300001138. This affects an unknown part of the file /boaform/formPing of the component Diagnostic Ping Endpoint. Performing a manipulation of the argument pingAddr results in stack-based buffer overflow. The attack is possible to be…

  • CVE-2026-2908Feb 22, 2026
    risk 0.00cvss epss 0.01

    A security vulnerability has been detected in Tenda HG9 300001138. Affected by this issue is some unknown functionality of the file /boaform/formLoopBack of the component Loopback Detection Configuration Endpoint. Such manipulation of the argument Ethtype leads to stack-based…

  • CVE-2026-2907Feb 22, 2026
    risk 0.00cvss epss 0.01

    A weakness has been identified in Tenda HG9 300001138. Affected by this vulnerability is an unknown functionality of the file /boaform/formgponConf of the component GPON Configuration Endpoint. This manipulation of the argument fmgpon_loid/fmgpon_loid_password causes stack-based…

  • CVE-2026-2906Feb 22, 2026
    risk 0.00cvss epss 0.01

    A security flaw has been discovered in Tenda HG9 300001138. Affected is an unknown function of the file /boaform/formSamba of the component Samba Configuration Endpoint. The manipulation of the argument sambaCap results in stack-based buffer overflow. The attack may be launched…

  • CVE-2026-2905Feb 22, 2026
    risk 0.00cvss epss 0.01

    A vulnerability was identified in Tenda HG9 300001138. This impacts an unknown function of the file /boaform/formWlanSetup of the component Wireless Configuration Endpoint. The manipulation of the argument ssid leads to stack-based buffer overflow. The attack may be initiated…