CNNVD-202601-925 Information

Jan 05, 2026 cve

CNNVD ID

CNNVD-202601-925

CVE-2026-0581

CNNVD Published: 2026-01-05

Description (Chinese)

Tenda AC1206是中国腾达（Tenda）公司的一款无线千兆路由器。 Tenda AC1206 15.03.06.23版本存在命令注入漏洞，该漏洞源于对文件/goform/BehaviorManager中参数modulename/option/data/switch的错误操作，可能导致命令注入攻击。

Description (English)

Tenda AC1206 is a wireless gigabyte router of Tenda, China. Version Tenda AC 1206 15.03.06.23 contains a command-injecting loophole, which results from a mishandling of the parameter Modulename/option/data/switch in document/goform/BehaviorManager, which may lead to an order-injection attack.

Hazard Level

High

Vulnerability Type

命令注入

Affected Vendor

腾达

Published

2026-01-05

Last Modified

2026-02-24

References

https://vuldb.com/?ctiid.339473 https://github.com/ccc-iotsec/cve-/blob/Tenda/Tenda%20AC1206%E5%91%BD%E4%BB%A4%E6%B3%A8%E5%85%A5%E6%BC%8F%E6%B4%9E.md https://vuldb.com/?id.339473 https://vuldb.com/?submit.731193 https://www.tenda.com.cn/ https://access.redhat.com/security/cve/cve-2026-0581

Share on: