Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

3 matches found

CVE
CVEadded 2026/01/30 4:2 p.m.9 views

CVE-2026-1687

CVE-2026-1687 concerns Tenda HG10 devices with Boa Webserver, where an issue in the /boaform/formSamba handler allows remote command injection by manipulating the serverString argument. The vulnerability affects the Boa Webserver component and could enable an attacker to execute arbitrary command...

7.5CVSS5.7AI score0.0561EPSS
Exploits1References6Affected Software1
CNNVD
CNNVDadded 2026/01/30 12:0 a.m.1 views

Tenda HG10 command injection vulnerability

The Tenda HG10 is a fiber-optic router produced by the Chinese company Tenda. The Tenda HG10 USHG7HG9HG10re300001138enxpon has a command injection vulnerability. This vulnerability arises from an unknown function in the Boa Webserver component, which manipulates the parameter “serverString” in th...

7.5CVSS7.2AI score0.0561EPSS
Exploits1References7
Positive Technologies
Positive Technologiesadded 2026/01/30 12:0 a.m.5 views

PT-2026-5423

A weakness has been identified in Tenda HG10 US HG7 HG9 HG10re 300001138 en xpon. Impacted is an unknown function of the file /boaform/formSamba of the component Boa Webserver. Executing a manipulation of the argument serverString can lead to command injection. It is possible to launch the attack...

7.5CVSS6.9AI score0.0561EPSS
Exploits1References7
Rows per page
Query Builder