CVE-2026-11499
CriticalCVSS 9.8Summary
A vulnerability was identified in Tenda HG7HG9 and HG10 300001138_en_xpon affecting the function formDOMAINBLK in the file /boaform/formDOMAINBLK. Manipulating the argument blkDomain can lead to stack-based buffer overflow.
Risk Assessment
An attacker can exploit this vulnerability remotely to execute malicious code, posing a serious security threat to the system.
Recommendation
It is recommended to update the software to the latest version to mitigate this vulnerability and to monitor the system for unauthorized access attempts.
Original NVD description (English source)
A vulnerability was determined in Tenda HG7HG9 and HG10 300001138_en_xpon. This affects the function formDOMAINBLK of the file /boaform/formDOMAINBLK. Executing a manipulation of the argument blkDomain can lead to stack-based buffer overflow. The attack may be performed from remote.

