CNNVD-202601-5055 Information
CNNVD ID
CNNVD-202601-5055
Related CVE
- CNNVD Published: 2026-01-30
Description (Chinese)
Tenda HG10是中国腾达(Tenda)公司的一个光猫路由器。 Tenda HG10 US_HG7_HG9_HG10re_300001138_en_xpon存在命令注入漏洞,该漏洞源于对文件/boaform/formSysCmd中参数sysCmd的错误操作,可能导致命令注入。
Description (English)
Tenda HG10 is an optical cat router of Tenda, China. Tenda HG10 US HG7 HG9 HG10re 300001138 en xpon has a command leak that results from an error in the use of the sysCmd parameter in the document/boaform/formSysCmd, which may lead to the command injection.
Hazard Level
High
Vulnerability Type
命令注入
Affected Vendor
腾达
Published
2026-01-30
Last Modified
2026-02-24
References
https://github.com/SunnyYANGyaya/cuicuishark-sheep-fishIOT/blob/main/Tenda/HG10/formSysCmd-sysCmd-command.md https://github.com/SunnyYANGyaya/cuicuishark-sheep-fishIOT/blob/main/Tenda/HG10/formSysCmd-sysCmd-command.md#poc https://vuldb.com/?ctiid.343484 https://vuldb.com/?id.343484 https://vuldb.com/?submit.741425 https://www.tenda.com.cn/ https://access.redhat.com/security/cve/cve-2026-1690
Share on: