ГлавнаяУязвимости → CVE-2025-10443
8.8высокая

CVE-2025-10443

Описание

A vulnerability was identified in Tenda AC9 and AC15 15.03.05.14/15.03.05.18. This vulnerability affects the function formexeCommand of the file /goform/exeCommand. Such manipulation of the argument cmdinput leads to buffer overflow. The attack can be executed remotely. The exploit is publicly available and might be used.

Затрагиваемое ПО
Tenda Ac9 firmwareTenda Ac9Tenda Ac15 firmwareTenda Ac15
CVSS
Балл8.8 — высокая
ВекторCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Источники
https://github.com/2664521593/mycve/blob/main/Tenda/Tenda_AC15_AC9_Bof.mdhttps://github.com/2664521593/mycve/blob/main/Tenda/Tenda_AC15_AC9_Bof.md#pochttps://vuldb.com/?ctiid.323877https://vuldb.com/?id.323877https://vuldb.com/?submit.647840https://www.tenda.com.cn/