| Title | Tenda HG10 US_HG7_HG9_HG10re_300001138_en_xpon Command Injection |
|---|---|
| Description | A command execution vulnerability exists in the Tenda HG10 AC1200 Dualband Wi-Fi xPON ONT router. It resides in the boa web server's formSamba interface and is caused by improper handling of the user-supplied serverString parameter: the application reads the value with the boaGetVar function and embeds it in a shell command without adequate validation, filtering or sanitization, so an attacker can inject arbitrary system commands through a specially crafted request. Exploitation allows an unauthenticated attacker to execute arbitrary commands on the affected device, potentially gaining full control of the router. |
| Source | https://github.com/SunnyYANGyaya/cuicuishark-sheep-fishIOT/blob/main/Tenda/HG10/formSamba-serverString-command.md |
| User | Abcd1234 (UID 94604) |
| Submission | 01/17/2026 06:54 (3 months ago) |
| Moderation | 01/30/2026 08:51 (13 days later) |
| Status | Accepted |
| VulDB entry | 343481 [Tenda HG10 US_HG7_HG9_HG10re_300001138_en_xpon Boa Webserver /boaform/formSamba serverString command injection] |
| Points | 20 |
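The defect the description names (a request parameter read with boaGetVar and pasted into a shell command line) and the input check that closes it, shown side by side as an added C illustration. This is not Tenda's firmware code and not part of the VulDB entry; the actual command the device builds is not shown on this page, so the `sambactl set-server` command string, the function names and the sample inputs below are assumptions constructed for the example.

```c
// Added illustration, not Tenda firmware: why concatenating a web-form value
// such as serverString into a shell command is a command injection, and the
// allowlist check that rejects hostile values before any command is built.
#include <ctype.h>
#include <stdbool.h>
#include <stdio.h>
#include <string.h>

// Allowlist validator. A Samba server name is a hostname or an IPv4 address, so
// only letters, digits, '.', '-' and '_' are accepted; every shell metacharacter
// (';', '|', '&', '`', '$', quotes, whitespace, newlines) fails the check.
bool is_safe_server_string(const char *s) {
    size_t len = strlen(s);
    if (len == 0 || len > 253) return false;      /* empty, or longer than a DNS name */
    for (size_t i = 0; i < len; i++) {
        unsigned char c = (unsigned char)s[i];
        if (!(isalnum(c) || c == '.' || c == '-' || c == '_')) return false;
    }
    return true;
}

// Vulnerable pattern (the defect the advisory describes): the untrusted value
// is formatted straight into a command line that would be handed to system().
// The hypothetical helper name "sambactl" stands in for whatever the firmware
// really runs. This function only builds the string; nothing is executed.
int build_vulnerable_cmd(char *out, size_t outsz, const char *server_string) {
    return snprintf(out, outsz, "sambactl set-server %s", server_string);
}

// Hardened pattern: validate first and refuse to build anything on failure.
// Returns -1 when the value is rejected, otherwise the formatted length.
int build_hardened_cmd(char *out, size_t outsz, const char *server_string) {
    if (!is_safe_server_string(server_string)) return -1;
    return snprintf(out, outsz, "sambactl set-server %s", server_string);
}

// Stand-alone demo over constructed sample inputs (not values from the page).
int main(void) {
    const char *samples[] = { "nas01.lan", "10.0.0.5", "nas01;uptime", "" };
    char cmd[256];
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++) {
        build_vulnerable_cmd(cmd, sizeof cmd, samples[i]);
        printf("input %-14s vulnerable path would run: \"%s\"\n", samples[i], cmd);
        int rc = build_hardened_cmd(cmd, sizeof cmd, samples[i]);
        printf("%-20s hardened path: %s\n", "", rc < 0 ? "REJECTED" : cmd);
    }
    return 0;
}
```

The validator is the minimum fix; the stronger one is to stop using a shell altogether and pass the value as a single `argv` element to `execve`, so that even a string containing `;` or `$(` reaches the helper as an opaque argument rather than being parsed by `/bin/sh`. Both measures together also make the issue detectable: a rejected value can be logged with the source address, which is exactly the event a router's defenders would want to see.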