CVE-2026-8263
Undergoing Analysis Undergoing Analysis - In Progress
Command Injection in Tenda AC6 Router Firmware

Publication date: 2026-05-11

Last updated on: 2026-05-11

Assigner: VulDB

Description
A security flaw has been discovered in Tenda AC6 15.03.06.49_multi_TDE01. Affected is the function fromSetWirelessRepeat of the file /goform/WifiExtraSet of the component httpd. Performing a manipulation of the argument mac/ssid results in os command injection. It is possible to initiate the attack remotely. The exploit has been released to the public and may be used for attacks.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-05-11
Last Modified
2026-05-11
Generated
2026-06-20
AI Q&A
2026-05-11
EPSS Evaluated
2026-06-19
NVD
CVE-2026-8263
EUVD
EUVD-2026-29019
Affected Vendors & Products
Showing 2 associated CPEs
Vendor Product Version / Range
tenda ac6 15.03.06.49_multi_tde01
tenda ac10u to 15.03.06.49 (inc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-78 The product constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component.
CWE-77 The product constructs all or part of a command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended command when it is sent to a downstream component.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability exists in the Tenda AC6 and AC10U devices, specifically in the fromSetWirelessRepeat function of the httpd component. It involves improper handling of input parameters such as mac and ssid, which allows an attacker to perform OS command injection remotely. This means that an attacker can manipulate these inputs to execute arbitrary commands on the device.

Additionally, for the Tenda AC10U device, a related stack overflow vulnerability occurs because the wpapsk_crypto parameter is copied without length validation, potentially leading to memory corruption.

Impact Analysis

The vulnerability allows remote attackers to execute arbitrary operating system commands on affected Tenda devices. This can lead to unauthorized control over the device, potentially allowing attackers to disrupt network operations, steal sensitive information, or use the device as a foothold for further attacks within the network.

Detection Guidance

This vulnerability can be detected by sending a specially crafted request to the vulnerable endpoint /goform/WifiExtraSet targeting the fromSetWirelessRepeat function. A proof-of-concept involves sending a payload with an excessively long string (e.g., 0x500 'a' characters) in parameters such as wpapsk_crypto to trigger the stack overflow.

You can use tools like curl or similar HTTP request utilities to test the endpoint. For example, a command might look like:

  • curl -X POST http://[router_ip]/goform/WifiExtraSet -d "wpapsk_crypto=$(python3 -c 'print("a"*1280)')"

Monitoring network traffic for unusual or malformed requests to /goform/WifiExtraSet can also help detect exploitation attempts.

Mitigation Strategies

Since no official patch has been released by the vendor yet, immediate mitigation steps include:

  • Restrict remote access to the router's management interface to trusted networks only.
  • Disable remote management features if not needed.
  • Monitor the vendor's official website for firmware updates addressing this vulnerability.
  • Implement network-level protections such as firewall rules to block suspicious requests targeting /goform/WifiExtraSet.
Compliance Impact

The provided information does not specify how this vulnerability impacts compliance with common standards and regulations such as GDPR or HIPAA.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-8263. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart