| عنوان | Tenda Tenda F453 Router <= V1.0.0.3 Remote Command Execution |
|---|
| الوصف | A remote command execution vulnerability exists in the Tenda F453 router (firmware version V1.0.0.3). An attacker can activate the device’s Telnet service through a specific HTTP endpoint. The vulnerability is located in the TendaTelnet function, which directly executes system commands to enable the Telnet service but lacks proper access control and security validation. As a result, an attacker can send a crafted request to enable Telnet and then obtain interactive shell access to the router, ultimately achieving arbitrary command execution. |
|---|
| المصدر | ⚠️ https://github.com/alc9700jmo/CVE/issues/24 |
|---|
| المستخدم | alc9700 (UID 79368) |
|---|
| ارسال | 03/04/2026 06:14 PM (23 أيام منذ) |
|---|
| الاعتدال | 24/04/2026 09:25 PM (21 days later) |
|---|
| الحالة | تمت الموافقة |
|---|
| إدخال VulDB | 359541 [Tenda F453 حتى 1.0.0.3 Telnet Service /goform/telnet TendaTelnet تجاوز الصلاحيات] |
|---|
| النقاط | 20 |
|---|