Lucene search
K

4 matches found

Circl
Circl
added 2025/02/20 11:17 p.m.17 views

CVE-2025-25675

creationtimestamp| type| source ---|---|--- 2025-02-20 23:17:12+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/4835 2025-02-21 00:56:10+00:00| seen| https://t.me/cvedetector/18614 2025-02-21 19:48:45+00:00| seen|...

9.8CVSS4.8AI score0.01213EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/02/20 12:0 a.m.7 views

CVE-2025-25675

Tenda AC10 V1.0 V15.03.06.23 has a command injection vulnerablility located in the formexeCommand function. The str variable receives the cmdinput parameter from a POST request and is later assigned to the cmdbuf variable, which is directly used in the doSystemCmd function, causing an arbitrary...

9.8AI score0.01213EPSS
Exploits0References1
CVE
CVE
added 2025/02/20 12:0 a.m.88 views

CVE-2025-25675

Summary: CVE-2025-25675 affects Tenda AC10 (V1.0, V15.03.06.23). The vulnerability is a command injection in the formexeCommand function. The code flow: the POST parameter cmdinput is assigned to str, then to cmd_buf, which is directly used by doSystemCmd, enabling arbitrary command execution. Mu...

9.8CVSS9.8AI score0.01213EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2025/02/20 12:0 a.m.29 views

CVE-2025-25675

Tenda AC10 V1.0 V15.03.06.23 has a command injection vulnerablility located in the formexeCommand function. The str variable receives the cmdinput parameter from a POST request and is later assigned to the cmdbuf variable, which is directly used in the doSystemCmd function, causing an arbitrary...

0.01213EPSS
Exploits0References1
Rows per page
Query Builder