CVE-2026-1690 | Tenda HG10 US_HG7_HG9_HG10re_300001138_en_xpon /boaform/formSysCmd system sysCmd command injection

Inserito da Angelo Barbosa | Gen 30, 2026 | CVE

A vulnerability was found in Tenda HG10 US_HG7_HG9_HG10re_300001138_en_xpon. It has been rated as critical. This affects the function system of the file /boaform/formSysCmd. This manipulation of the argument sysCmd causes command injection.

This vulnerability appears as CVE-2026-1690. The attack may be initiated remotely. In addition, an exploit is available.

CVE-2026-1690 | Tenda HG10 US_HG7_HG9_HG10re_300001138_en_xpon /boaform/formSysCmd system sysCmd command injection

Post correlati

CVE-2025-60569 | D-Link DIR600L 116WWb01 formSetRoute curTime buffer overflow

CVE-2024-38517 | Tencent RapidJSON up to 1.1.0 reader.h ParseNumber integer underflow

CVE-2025-7974 | Rocket.Chat information disclosure

CVE-2024-30620 | Tenda AX1803 1.0.0.1 /goform/AdvSetMacMtuWan fromAdvSetMacMtuWan serviceName stack-based overflow