top of page
perceptive_background_267k.jpg

A flaw has been found in Tenda HG10 HG7_HG9_HG10re_300001138_en_xpon. This issue affects the function formRoute of the file /boaform/formRouting of the componen…

Published:

24 April 2026 at 22:00:00

Alert date:

25 April 2026 at 19:01:03

Source:

nvd.nist.gov

Click to open the original link from this advisory

Mobile & IoT, Network Infrastructure

A buffer overflow vulnerability has been discovered in Tenda HG10 routers affecting the formRoute function in the Boa Service component. The vulnerability is triggered by manipulating the nextHop argument in the /boaform/formRouting file. The flaw can be exploited remotely and a public exploit is available. This affects the HG7_HG9_HG10re_300001138_en_xpon firmware version. The vulnerability allows attackers to cause buffer overflow conditions through network-based attacks.

Technical details

Mitigation steps:

Affected products:

Tenda HG10

Related links:

https://nvd.nist.gov/vuln/detail/CVE-2026-6988
https://github.com/xyh4ck/iot_poc/blob/main/Tenda/HG10/01_Buffer_Overflow_nextHop/README.md
https://vuldb.com/submit/796427
https://vuldb.com/vuln/359540
https://vuldb.com/vuln/359540/cti
https://www.tenda.com.cn/

Related CVE's:

Related threat actors:

IOC's:

This article was created with the assistance of AI technology by Perceptive.

About us

© 2025 by Perceptive Security. All rights reserved.

email: info@perceptivesecurity.com

Disclaimer: Deze website toont informatie afkomstig van externe bronnen. Perceptive aanvaardt geen verantwoordelijkheid voor de inhoud, juistheid of volledigheid van deze informatie.

bottom of page