CVE-2025-9090 | Tenda AC20 16.03.08.12 Telnet Service /goform/telnet websFormDefine command injection

A vulnerability identified as critical has been detected in Tenda AC20 16.03.08.12. Affected is the function websFormDefine of the file /goform/telnet of the component Telnet Service. The manipulation leads to command injection.

This vulnerability is traded as CVE-2025-9090. It is possible to launch the attack remotely. Furthermore, there is an exploit available.VulDB Recent EntriesRead More