CVE-2026-8265 | Tenda AC6 15.03.06.23 httpd /goform/getLogFile get_log_file wans.flag os command injection

A vulnerability has been found in Tenda AC6 15.03.06.23 and classified as critical. Affected by this issue is the function get_log_file of the file /goform/getLogFile of the component httpd. The manipulation of the argument wans.flag leads to os command injection.

This vulnerability is documented as CVE-2026-8265. The attack can be initiated remotely. Additionally, an exploit exists.VulDB Recent EntriesRead More