Hg9 Firmware
CVE-2026-2905
HIGH
Severity by source
AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Lifecycle Timeline
3DescriptionCVE.org
A vulnerability was identified in Tenda HG9 300001138. This impacts an unknown function of the file /boaform/formWlanSetup of the component Wireless Configuration Endpoint. The manipulation of the argument ssid leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit is publicly available and might be used.
AnalysisAI
Stack buffer overflow in Tenda HG9 firmware's wireless configuration endpoint allows authenticated remote attackers to achieve arbitrary code execution through a malicious SSID parameter. Public exploit code exists for this vulnerability, increasing the risk of active exploitation. The vulnerability affects the /boaform/formWlanSetup component and currently has no available patch.
Technical ContextAI
Classified as CWE-119 (Buffer Overflow). Affects Hg9 Firmware. A vulnerability was identified in Tenda HG9 300001138. This impacts an unknown function of the file /boaform/formWlanSetup of the component Wireless Configuration Endpoint. The manipulation of the argument ssid leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit is publicly available and might be used.
RemediationAI
Monitor vendor advisories for a patch. Enable ASLR, DEP/NX, and stack canaries where possible. Restrict network access to the affected service where possible.
More in Hg9 Firmware
View allTenda ONT GPON AC1200 Dual band WiFi HG9 v1.0.1 is vulnerable to Command Injection via the Ping function. Rated high sev
Stack-based buffer overflow in Tenda HG9 firmware's pingAddr parameter allows unauthenticated remote attackers to achiev
Stack-based buffer overflow in the Diagnostic Ping Endpoint of Tenda HG9 firmware allows unauthenticated remote attacker
Stack-based buffer overflow in Tenda HG9 firmware's loopback detection endpoint allows remote attackers with valid crede
Remote code execution in Tenda HG9 firmware via stack buffer overflow in the GPON configuration endpoint allows authenti
Remote code execution in Tenda HG9 firmware via stack buffer overflow in the Samba configuration endpoint allows authent
Same weakness CWE-119 – Buffer Overflow
View allSame technique Buffer Overflow
View allShare
External POC / Exploit Code
Leaving vuln.today