| Title | Tenda Tenda AC9 V1.0BR_V15.03.05.14 OS Command Injection |
|---|
| Description | A command injection vulnerability was discovered in Tenda AC9 V1.0BR_V15.03.05.14, triggered by the cmdinput parameter in /goform/exeCommand. Attackers can exploit this vulnerability by crafting malicious packets to execute arbitrary commands, thereby gaining full control of the target device. |
|---|
| Source | ⚠️ https://github.com/2664521593/mycve/blob/main/Tenda/Tenda_AC9_CJ.md |
|---|
| User | shiny (UID 76015) |
|---|
| Submission | 09/04/2025 15:42 (10 months ago) |
|---|
| Moderation | 09/14/2025 17:40 (10 days later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 323876 [Tenda AC9/AC15 15.03.05.14 /goform/exeCommand formexeCommand cmdinput os command injection] |
|---|
| Points | 18 |
|---|