ГлавнаяУязвимости → CVE-2026-2907
8.8высокая

CVE-2026-2907

Описание

A weakness has been identified in Tenda HG9 300001138. Affected by this vulnerability is an unknown functionality of the file /boaform/formgponConf of the component GPON Configuration Endpoint. This manipulation of the argument fmgpon_loid/fmgpon_loid_password causes stack-based buffer overflow. Remote exploitation of the attack is possible. The exploit has been made available to the public and could be used for attacks.

Затрагиваемое ПО
Tenda Hg9 firmwareTenda Hg9
CVSS
Балл8.8 — высокая
ВекторCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Источники
https://github.com/QIU-DIE/cve-nneeww/issues/9https://vuldb.com/?ctiid.347216https://vuldb.com/?id.347216https://vuldb.com/?submit.755201https://www.tenda.com.cn/