cbcvebase.
CVE-2025-44872
published 2025-05-02

CVE-2025-44872: Tenda AC9 V15.03.06.42_multi was found to contain a command injection vulnerability in the formsetUsbUnload function via the deviceName parameter. This…

critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
Tenda AC9 V15.03.06.42_multi was found to contain a command injection vulnerability in the formsetUsbUnload function via the deviceName parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request.

Affected

1 ranges
VendorProductVersion rangeFixed in
tendaac9_firmware