Description
A vulnerability was identified in Tenda HG7HG9 and HG10 300001138_en_xpon. This affects the function formDOMAINBLK of the file /boaform/formDOMAINBLK. Manipulating the argument blkDomain can lead to a stack-based buffer overflow. The attack can be performed remotely.
Published: 2026-06-08
Score: 9.3 Critical
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The flaw exists in the formDOMAINBLK function of the Tenda router firmware 300001138_en_xpon, where an unvalidated blkDomain argument can overflow a stack buffer. Based on the nature of stack-based buffer overflows, it is inferred that this could allow arbitrary code execution, which would compromise confidentiality, integrity and availability of the device.

Affected Systems

Tenda HG7HG9 and HG10 routers running firmware 300001138_en_xpon are affected. Access is via the web interface endpoint /boaform/formDOMAINBLK.

Risk and Exploitability

With a CVSS score of 9.3, the vulnerability carries a very high risk. EPSS is not available and the vulnerability is not listed in KEV, so neither source changes that assessment. The description indicates the attack may be performed remotely, and no authentication requirement is mentioned, implying the endpoint may be reachable without credentials. Exploitation is therefore potentially straightforward for an attacker with network access to an exposed router.

Generated by OpenCVE AI on June 8, 2026 at 10:50 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Once the vendor releases one, deploy the official firmware update that bounds the size of the blkDomain input, addressing the buffer overflow classified under CWE-119 and CWE-121.
  • As a temporary measure, block or restrict HTTP access to /boaform/formDOMAINBLK via firewall rules or LAN isolation, so the vulnerable endpoint cannot be reached by unauthenticated clients before the patch is applied.
  • If patching or firewalling is not feasible, consider disabling the web management interface or isolating it to a separate network segment until a fix is available.

Advisories

No advisories yet.

History

Mon, 08 Jun 2026 13:30:00 +0000

Values added:

  • Metrics: ssvc {'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Mon, 08 Jun 2026 08:30:00 +0000

Values added:

  • Description: A vulnerability was determined in Tenda HG7HG9 and HG10 300001138_en_xpon. This affects the function formDOMAINBLK of the file /boaform/formDOMAINBLK. Executing a manipulation of the argument blkDomain can lead to stack-based buffer overflow. The attack may be performed from remote.
  • Title: Tenda HG7HG9/HG10 formDOMAINBLK stack-based overflow
  • First Time appeared: Tenda; Tenda hg10; Tenda hg7hg9
  • Weaknesses: CWE-119; CWE-121
  • CPEs: cpe:2.3:h:tenda:hg10:*:*:*:*:*:*:*:*; cpe:2.3:h:tenda:hg7hg9:*:*:*:*:*:*:*:*
  • Vendors & Products: Tenda; Tenda hg10; Tenda hg7hg9
  • References:
  • Metrics:
      cvssV2_0: {'score': 10, 'vector': 'AV:N/AC:L/Au:N/C:C/I:C/A:C/E:ND/RL:ND/RC:UR'}
      cvssV3_0: {'score': 9.8, 'vector': 'CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:X/RL:X/RC:R'}
      cvssV3_1: {'score': 9.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:X/RL:X/RC:R'}
      cvssV4_0: {'score': 9.3, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X'}


MITRE

Status: PUBLISHED

Assigner: VulDB

Published:

Updated: 2026-06-08T12:55:29.374Z

Reserved: 2026-06-07T13:23:38.138Z

Link: CVE-2026-11499

Vulnrichment

Updated: 2026-06-08T12:55:24.924Z

NVD

Status: Received

Published: 2026-06-08T09:16:29.957

Modified: 2026-06-08T09:16:29.957

Link: CVE-2026-11499

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-06-08T11:00:13Z

Weaknesses