Exploit for CVE-2026-2905

A vulnerability was identified in Tenda HG9 300001138. This impacts an unknown function of the file /boaform/formWlanSetup of the component Wireless Configuration Endpoint. The manipulation of the argument ssid leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit is publicly available and might be used.

Published: 2026-02-22

CVSS: 9.0

CVSS Vector: AV:N/AC:L/Au:S/C:C/I:C/A:C

Download Exploit for CVE-2026-2905 here:

http://zeroday3sv534ljdendaufcrorz67yg6iujdpaknp6zqgxaevb7okfid.onion/exploit-for-cve-2026-2905.722/

Use Tor Browser to access .onion site.

https://sonitex.com/exploit-53-cve-2026-2853/

https://sonitex.com/exploit-383-cve-2025-50192/

https://sonitex.com/exploit-90-cve-2026-2905/

https://sonitex.com/exploit-521-cve-2026-27983/