Stack-Based Buffer Overflow in Tenda HG7HG9 and HG10 Web Management Interface
CVE-2026-11498
8.7HIGH
What is CVE-2026-11498?
A stack-based buffer overflow vulnerability exists in the Tenda HG7HG9 and HG10 products. It affects the asp_voip_OtherSet function within the Web Management Interface at the /boaform/voip_other_set location. An attacker can exploit this vulnerability by manipulating the funckey_transfer argument, leading to a potential remote exploitation of the affected products.
Affected Version(s)
HG10 300001138_en_xpon
HG7HG9 300001138_en_xpon