A vulnerability labeled as critical has been found in Tenda HG7HG9 and HG10 300001138_en_xpon . This affects the function formPPPEdit of the file /boaform/formPPPEdit . The manipulation of the argument encodename results in stack-based buffer overflow. This vulnerability is reported as CVE-2026-11553 . The attack can be launched remotely. Moreover, an exploit is present.