CVE-2025-10443
published 2025-09-15CVE-2025-10443: A vulnerability was identified in Tenda AC9 and AC15 15.03.05.14/15.03.05.18. This vulnerability affects the function formexeCommand of the file…
high7.4CVSS 4.0
AVNACLATNPRLUINVCHVIHVAHSCNSINSANEPCRXIRXARXMAVXMACXMATXMPRXMUIXMVCXMVIXMVAXMSCXMSIXMSAXSXAUXRXVXREXUX
A vulnerability was identified in Tenda AC9 and AC15 15.03.05.14/15.03.05.18. This vulnerability affects the function formexeCommand of the file /goform/exeCommand. Such manipulation of the argument cmdinput leads to buffer overflow. The attack can be executed remotely. The exploit is publicly available and might be used.
Affected
6 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| tenda | ac15 | — | — |
| tenda | ac15 | — | — |
| tenda | ac15_firmware | — | — |
| tenda | ac9 | — | — |
| tenda | ac9 | — | — |
| tenda | ac9_firmware | — | — |