CNNVD-202509-3043 Information

CNNVD ID

CNNVD-202509-3043

Related CVE

CVE-2025-57296

• CNNVD Published: 2025-09-19

Description (Chinese)

Tenda AC6是中国腾达（Tenda）公司的一款无线路由器。 Tenda AC6 15.03.05.19版本存在安全漏洞，该漏洞源于formSetIptv函数在处理list和vlanId参数时未验证或清理特殊字符，可能导致执行任意系统命令。

Description (English)

Tenda AC6 is a wireless router of Tenda China. There is a security loophole in version Tenda AC6 15.03.05.19, which stems from the fact that the FormSetIptv function does not verify or clear special characters when dealing with list and vlanId parameters, which may result in the execution of any system command.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

腾达

Published

2025-09-19

Last Modified

2026-02-24

References

https://github.com/ZZ2266/.github.io/blob/main/Tenda/readme.md https://github.com/ZZ2266/.github.io/tree/main/Tenda https://tenda.com.cn/material/show/2681 https://access.redhat.com/security/cve/cve-2025-57296