CNNVD-202509-4284 Information
Sep 28, 2025
cve
CNNVD ID
CNNVD-202509-4284
Related CVE
- CNNVD Published: 2025-09-28
Description (Chinese)
Tenda AC18是中国腾达(Tenda)公司的一款路由器。 Tenda AC18 15.03.05.19版本存在命令注入漏洞,该漏洞源于对文件/goform/AdvSetLanip中参数lanIp的错误操作,可能导致远程命令注入攻击。
Description (English)
Tenda AC18 is a router for Tenda China. Version Tenda AC18 15.03.05.19 contains a command-injecting loophole, which stems from an error in the lanIp of the parameter in the document/goform/AdvSetLanip, which may result in a remote command-injection attack.
Hazard Level
High
Vulnerability Type
命令注入
Affected Vendor
腾达
Published
2025-09-28
Last Modified
2026-02-24
References
https://www.tenda.com.cn/ https://vuldb.com/?ctiid.326202 https://vuldb.com/?submit.664191 https://vuldb.com/?id.326202 https://github.com/noahze01/IoT-vulnerable/blob/main/Tenda/AC18/AdvSetLanip.md https://access.redhat.com/security/cve/cve-2025-11121
Share on: