CNNVD-202509-3663 Information

CNNVD ID

CNNVD-202509-3663

Related CVE

CVE-2025-57639

• CNNVD Published: 2025-09-23

Description (Chinese)

Tenda AC9是中国腾达（Tenda）公司的一款无线路由器。 Tenda AC9 1.0版本存在安全漏洞，该漏洞源于httpd文件中formSetSambaConf函数对usb.samba.guest.user参数处理不当，可能导致OS命令注入。

Description (English)

Tenda AC9 is a wireless router of Tenda China. There is a security loophole in version Tenda AC9 1.0, which stems from the inappropriate handling of the usb.samba.guest.user parameters in the FormSambaConf function of the httpd document, which could lead to an OS command injection.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

腾达

Published

2025-09-23

Last Modified

2026-02-24

References

https://github.com/glkfc/IoT-Vulnerability/blob/main/Tenda/tenda2.md