CNNVD-202601-5053 Information
CNNVD ID
CNNVD-202601-5053
Related CVE
- CNNVD Published: 2026-01-30
Description (Chinese)
Tenda HG10是中国腾达(Tenda)公司的一个光猫路由器。 Tenda HG10 US_HG7_HG9_HG10re_300001138_en_xpon存在命令注入漏洞,该漏洞源于对文件/boaform/admin/formLogin中参数Host的错误操作,可能导致命令注入。
Description (English)
Tenda HG10 is an optical cat router of Tenda, China. Tenda HG10 US HG7 HG9 HG10re 300001138 en xpon contains command-injecting loopholes that stem from an error in the Host parameter in document/boaform/admin/formLogin, which may lead to the command-injection.
Hazard Level
Medium
Vulnerability Type
命令注入
Affected Vendor
腾达
Published
2026-01-30
Last Modified
2026-02-24
References
https://github.com/SunnyYANGyaya/cuicuishark-sheep-fishIOT/blob/main/Tenda/HG10/formLogin-Host-command.md https://github.com/SunnyYANGyaya/cuicuishark-sheep-fishIOT/blob/main/Tenda/HG10/formLogin-Host-command.md#poc https://vuldb.com/?ctiid.343483 https://vuldb.com/?id.343483 https://vuldb.com/?submit.741411 https://www.tenda.com.cn/ https://access.redhat.com/security/cve/cve-2026-1689
Share on: