9 matches found
EUVD-2026-29015
A vulnerability has been found in Tenda AC6 2.0/15.03.06.23. The affected element is an unknown function of the file /goform/telnet of the component httpd. The manipulation of the argument lan.ip leads to os command injection. Remote exploitation of the attack is possible. The exploit has been...
CVE-2026-8259 Tenda AC6 httpd telnet os command injection
A vulnerability has been found in Tenda AC6 2.0/15.03.06.23. The affected element is an unknown function of the file /goform/telnet of the component httpd. The manipulation of the argument lan.ip leads to os command injection. Remote exploitation of the attack is possible. The exploit has been...
CVE-2026-8259
CVE-2026-8259 affects Tenda AC6 firmware version 2.0/15.03.06.23, where an unknown function in the HTTPD component’s /goform/telnet endpoint mishandles the lan.ip parameter, leading to an OS command injection. This allows remote exploitation with high impact on confidentiality, integrity, and ava...
PT-2026-39552
A vulnerability has been found in Tenda AC6 2.0/15.03.06.23. The affected element is an unknown function of the file /goform/telnet of the component httpd. The manipulation of the argument lan.ip leads to os command injection. Remote exploitation of the attack is possible. The exploit has been...
Tenda AC6 命令注入漏洞
Tenda AC6 is a wireless router produced by the Chinese company Tenda. The version Tenda AC6 2.0/15.03.06.23 contains a command injection vulnerability. This vulnerability stems from an unknown function in the httpd component’s file/goform/telnet, which manipulates the parameter lan.ip, potentiall...
CVE-2025-11121
CVE-2025-11121 is a command-injection vulnerability in the Tenda AC18 (firmware 15.03.05.19) related to the function in the file /goform/AdvSetLanip where the argument lanIp is mishandled. The attack is remote and the exploit has been publicly disclosed. The impact is described as high (per CVSS ...
PT-2025-39792
Name of the Vulnerable Software and Affected Versions Tenda AC18 version 15.03.05.19 Description A security issue exists in Tenda AC18 version 15.03.05.19. The issue involves command injection through manipulation of the lanIp argument in the file /goform/AdvSetLanip. This can be initiated...
CVE-2025-1819
A vulnerability, which was classified as critical, was found in Tenda AC7 1200M 15.03.06.44. Affected is the function TendaTelnet of the file /goform/telnet. The manipulation of the argument lanip leads to os command injection. It is possible to launch the attack remotely. The exploit has been...
PT-2022-21079 · Tenda · Tenda Ac10
Name of the Vulnerable Software and Affected Versions: Tenda AC10 version US AC10V1.0RTL V15.03.06.26 multi TD01 Description: A remote code execution issue was discovered, allowing exploitation via the lanIp parameter. Recommendations: For Tenda AC10 version US AC10V1.0RTL V15.03.06.26 multi TD01...