CNNVD-202507-1559 Information

CNNVD ID

CNNVD-202507-1559

Related CVE

CVE-2025-7414

• CNNVD Published: 2025-07-10

Description (Chinese)

Tenda O3V2是中国腾达（Tenda）公司的一款室外无线网桥。 Tenda O3V2 1.0.0.12(3880)版本存在命令注入漏洞，该漏洞源于文件/goform/setPingInfo中参数domain的操作可能导致os命令注入。

Description (English)

Tenda O3V2 is an outdoor wireless bridge of Tenda, China. The Tenda O3V2.0.0.12 (3880) version contains a command-injecting loophole, which stems from the operation of the parameter domain in the file/goform/setPingInfo, which may result in an Os command injection.

Hazard Level

High

Vulnerability Type

命令注入

Affected Vendor

腾速科技

Published

2025-07-10

Last Modified

2026-02-24

References

https://github.com/wudipjq/my_vuln/blob/main/Tenda3/vuln_47/47.md https://www.tenda.com.cn/ https://vuldb.com/?ctiid.315874 https://github.com/wudipjq/my_vuln/blob/main/Tenda3/vuln_47/47.md#poc https://vuldb.com/?id.315874 https://vuldb.com/?submit.608855 https://access.redhat.com/security/cve/cve-2025-7414 https://nvd.nist.gov/vuln/detail/CVE-2025-7414