PT-2026-21411 · Tenda · Tenda Hg9

Linxi666

Published

2026-02-10

Updated

2026-02-27

CVE-2026-2910

CVSS v2.0

9.0

High

Vector

AV:N/AC:L/Au:S/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Tenda HG9 versions prior to 300001139

Description A stack-based buffer overflow issue exists in the Tenda HG9 device. The flaw is located in the file '/boaform/formPing6' and can be triggered by manipulating the pingAddr argument. This allows for remote exploitation. An exploit for this issue has been published.

Recommendations Update to version 300001139 or later.

Exploit

Fix

Buffer Overflow

Stack Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-119CWE-121

Related Identifiers

BDU:2026-07497

CVE-2026-2910

Affected Products

Tenda Hg9

PT-2026-21411 · Tenda · Tenda Hg9

CVE-2026-2910

Weakness Enumeration

Related Identifiers

Affected Products

References · 15