EUVD-2026-29015

A vulnerability has been found in Tenda AC6 2.0/15.03.06.23. The affected element is an unknown function of the file /goform/telnet of the component httpd. The manipulation of the argument lan.ip leads to os command injection. Remote exploitation of the attack is possible. The exploit has been...

CVE-2026-8259 Tenda AC6 httpd telnet os command injection

A vulnerability has been found in Tenda AC6 2.0/15.03.06.23. The affected element is an unknown function of the file /goform/telnet of the component httpd. The manipulation of the argument lan.ip leads to os command injection. Remote exploitation of the attack is possible. The exploit has been...

CVE-2026-8259

CVE-2026-8259 affects Tenda AC6 firmware version 2.0/15.03.06.23, where an unknown function in the HTTPD component’s /goform/telnet endpoint mishandles the lan.ip parameter, leading to an OS command injection. This allows remote exploitation with high impact on confidentiality, integrity, and ava...

Tenda AC6 命令注入漏洞

Tenda AC6 is a wireless router produced by the Chinese company Tenda. The version Tenda AC6 2.0/15.03.06.23 contains a command injection vulnerability. This vulnerability stems from an unknown function in the httpd component’s file/goform/telnet, which manipulates the parameter lan.ip, potentiall...

PT-2026-39552

A vulnerability has been found in Tenda AC6 2.0/15.03.06.23. The affected element is an unknown function of the file /goform/telnet of the component httpd. The manipulation of the argument lan.ip leads to os command injection. Remote exploitation of the attack is possible. The exploit has been...

CVE-2025-11121

CVE-2025-11121 is a command-injection vulnerability in the Tenda AC18 (firmware 15.03.05.19) related to the function in the file /goform/AdvSetLanip where the argument lanIp is mishandled. The attack is remote and the exploit has been publicly disclosed. The impact is described as high (per CVSS ...

PT-2025-39792

Name of the Vulnerable Software and Affected Versions Tenda AC18 version 15.03.05.19 Description A security issue exists in Tenda AC18 version 15.03.05.19. The issue involves command injection through manipulation of the lanIp argument in the file /goform/AdvSetLanip. This can be initiated...

CVE-2025-1819

A vulnerability, which was classified as critical, was found in Tenda AC7 1200M 15.03.06.44. Affected is the function TendaTelnet of the file /goform/telnet. The manipulation of the argument lanip leads to os command injection. It is possible to launch the attack remotely. The exploit has been...

PT-2022-21079 · Tenda · Tenda Ac10

Name of the Vulnerable Software and Affected Versions: Tenda AC10 version US AC10V1.0RTL V15.03.06.26 multi TD01 Description: A remote code execution issue was discovered, allowing exploitation via the lanIp parameter. Recommendations: For Tenda AC10 version US AC10V1.0RTL V15.03.06.26 multi TD01...