CVE-2026-7160 | Tenda HG3 2.0 /boaform/formTracert datasize command injection

Inserito da Angelo Barbosa | Apr 26, 2026 | CVE

A vulnerability classified as critical was found in Tenda HG3 2.0. This vulnerability affects the function formTracert of the file /boaform/formTracert. Executing a manipulation of the argument datasize can lead to command injection.

This vulnerability appears as CVE-2026-7160. The attack may be performed from remote. In addition, an exploit is available.

CVE-2026-7160 | Tenda HG3 2.0 /boaform/formTracert datasize command injection

Post correlati

CVE-2025-25302 | danielgatis rembg up to 2.0.57 origin validation (GHSL-2024-161)

CVE-2015-10130 | nik00726 Team Circle Image Slider with Lightbox Plugin 1.0 on WordPress cross-site request forgery

CVE-2024-34063 | matrix-org vodozemac 0.5.0/0.5.1 Feature Flag insecure default initialization of resource (GHSA-c3hm-hxwf-g5c6)

CVE-2025-24166 | Apple watchOS Web denial of service