CVE-2025-10442 | Tenda AC9/AC15 15.03.05.14 /goform/exeCommand formexeCommand cmdinput os command injection

A vulnerability classified as critical has been found in Tenda AC9 and AC15 15.03.05.14. This affects the function formexeCommand of the file /goform/exeCommand. This manipulation of the argument cmdinput causes os command injection.

This vulnerability is registered as CVE-2025-10442. Remote exploitation of the attack is possible. Furthermore, an exploit is available.VulDB Recent EntriesRead More