CVE-2025-57296
BaseFortify
Publication date: 2025-09-19
Last updated on: 2025-09-25
Assigner: MITRE
Description
CVSS Scores
EPSS Scores
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| tenda | ac6_firmware | 15.03.05.19 |
| tenda | ac6 | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-77 | The product constructs all or part of a command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended command when it is sent to a downstream component. |
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability affects Tenda AC6 router firmware version 15.03.05.19. It is a command injection flaw (CWE-77) in the formSetIptv function, the handler for requests to the /goform/SetIPTVCfg endpoint of the router's web interface. The root cause is that the helper function sub_ADBC0 concatenates the user-supplied request parameters list and vlanId directly into a system command string without validating them or neutralizing shell metacharacters. An attacker able to reach that endpoint can therefore send a specially crafted POST request whose parameter values carry additional shell syntax, resulting in execution of arbitrary system commands on the router.
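To make the flaw concrete, here is an added illustration that is not Tenda's firmware code and not taken from this page: a hypothetical reconstruction of the pattern the description gives (request parameters pasted into a command string), placed beside a hardened version. The command name iptv_cfg, the function names, the 1..4094 VLAN range and the allow-list for the channel list are all assumptions chosen for the example; only the parameter names list and vlanId come from the advisory.

```c
#include <ctype.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define IPTV_LIST_MAX 64   /* assumed length cap for the channel list */

/* Vulnerable pattern (hypothetical reconstruction, NOT Tenda's code):
 * the request parameters are formatted straight into a command line that
 * is later handed to system(). Nothing rejects shell metacharacters, so a
 * vlanId of "1;telnetd" makes the shell run telnetd as a second command. */
int build_iptv_cmd_unsafe(char *out, size_t outlen,
                          const char *list, const char *vlan_id)
{
    int n = snprintf(out, outlen, "iptv_cfg set list=%s vlan=%s",
                     list, vlan_id);
    return (n < 0 || (size_t)n >= outlen) ? -1 : 0;
}

/* Hardened check: a VLAN ID must be a plain decimal integer in 1..4094
 * (assumed valid range), which leaves no room for ';', '|', '`' or '$'. */
int is_valid_vlan_id(const char *s)
{
    if (s == NULL || *s == '\0' || strlen(s) > 4)
        return 0;
    for (const char *p = s; *p; p++)
        if (!isdigit((unsigned char)*p))
            return 0;
    long v = strtol(s, NULL, 10);
    return (v >= 1 && v <= 4094) ? 1 : 0;
}

/* Hardened check: the channel list is allow-listed to [A-Za-z0-9_,-] and
 * length-capped. Everything else, including whitespace and quotes, is
 * refused outright rather than escaped. */
int is_valid_iptv_list(const char *s)
{
    if (s == NULL || *s == '\0' || strlen(s) > IPTV_LIST_MAX)
        return 0;
    for (const char *p = s; *p; p++) {
        unsigned char c = (unsigned char)*p;
        if (!(isalnum(c) || c == '_' || c == ',' || c == '-'))
            return 0;
    }
    return 1;
}

/* Hardened builder: validate both parameters first, then format.
 * Returns -1 and leaves no command behind if either value is rejected. */
int build_iptv_cmd_safe(char *out, size_t outlen,
                        const char *list, const char *vlan_id)
{
    if (!is_valid_iptv_list(list) || !is_valid_vlan_id(vlan_id))
        return -1;
    /* after validation the same formatting is safe: no metacharacters remain */
    return build_iptv_cmd_unsafe(out, outlen, list, vlan_id);
}

/* Better still: never go through a shell at all. Fill an argv vector for
 * execv() so each parameter is one discrete argument that no shell parses.
 * The path /bin/iptv_cfg is an assumption for the example. */
int build_iptv_argv(const char *argv[5], const char *list, const char *vlan_id)
{
    if (!is_valid_iptv_list(list) || !is_valid_vlan_id(vlan_id))
        return -1;
    argv[0] = "/bin/iptv_cfg";
    argv[1] = "set";
    argv[2] = list;
    argv[3] = vlan_id;
    argv[4] = NULL;
    return 0;
}

int main(void)
{
    char cmd[128];
    /* constructed attacker-style input: a VLAN ID carrying a second command */
    if (build_iptv_cmd_unsafe(cmd, sizeof cmd, "ch1", "1;telnetd") == 0)
        printf("unsafe builder produced: %s\n", cmd);
    if (build_iptv_cmd_safe(cmd, sizeof cmd, "ch1", "1;telnetd") < 0)
        printf("hardened builder rejected the same input\n");
    if (build_iptv_cmd_safe(cmd, sizeof cmd, "ch1,ch2", "100") == 0)
        printf("hardened builder accepted: %s\n", cmd);
    return 0;
}
```

The point of the two checks is that they reject rather than escape: a VLAN ID is an integer, a channel list is a short token list, and any byte outside those shapes is an error, so the command string can never contain the `;`, `|`, backtick or `$(...)` sequences that CWE-77 is about. Where the binary can be invoked directly, the execv() route is preferable because the values are never interpreted by a shell in the first place.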
How can this vulnerability impact me?
Successful exploitation lets an attacker execute arbitrary system commands on the affected Tenda AC6 router. Because the web interface's command execution runs with the router's own privileges, this can amount to full control of the device: changing router and DNS settings, intercepting or redirecting the traffic of every client behind it, planting persistent malware, or disrupting network service. The page lists no CVSS or EPSS score and no vendor advisory, so check the vendor's firmware downloads for a version later than 15.03.05.19 and, until one is applied, keep the web interface unreachable from the WAN and from untrusted LAN clients.