CVE-2025-57639
published 2025-09-23CVE-2025-57639: OS Command injection vulnerability in Tenda AC9 1.0 was discovered to contain a command injection vulnerability via the usb.samba.guest.user parameter in the…
medium6.5CVSS 3.1
AVNACLPRNUINSUCLILAN
OS Command injection vulnerability in Tenda AC9 1.0 was discovered to contain a command injection vulnerability via the usb.samba.guest.user parameter in the formSetSambaConf function of the httpd file.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| tenda | ac9_firmware | — | — |