Security Advisory

CVE-2025-10442

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-09-15 11:02:06
Last updated 2025-09-15 11:59:00
Assigner VulDB
State PUBLISHED

Description

A vulnerability was determined in Tenda AC9 and AC15 15.03.05.14. This affects the function formexeCommand of the file /goform/exeCommand. This manipulation of the argument cmdinput causes os command injection. Remote exploitation of the attack is possible. The exploit has been publicly disclosed and may be utilized.