CVE-2026-8264
Analyzed Analyzed - Analysis Complete
Command Injection in Tenda AC6 Router

Publication date: 2026-05-11

Last updated on: 2026-05-11

Assigner: VulDB

Description
A weakness has been identified in Tenda AC6 15.03.06.23. Affected by this vulnerability is the function formWifiApScan of the file /goform/WifiApScan of the component httpd. Executing a manipulation of the argument wl2g.public.country/wl5g.public.country can lead to os command injection. It is possible to launch the attack remotely. The exploit has been made available to the public and could be used for attacks.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-05-11
Last Modified
2026-05-11
Generated
2026-06-20
AI Q&A
2026-05-11
EPSS Evaluated
2026-06-19
NVD
CVE-2026-8264
EUVD
EUVD-2026-29020
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
tenda ac6_firmware 15.03.06.23
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-78 The product constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component.
CWE-77 The product constructs all or part of a command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended command when it is sent to a downstream component.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability is a command injection flaw found in the Tenda AC6 V2.0 router with firmware version 15.03.06.23. It exists in the formWifiApScan function of the /bin/httpd component, specifically when processing the parameters "wl2g.public.country" and "wl5g.public.country".

Because the input parameters are not properly sanitized, an attacker can inject arbitrary operating system commands by sending a specially crafted POST request to the /goform/WifiApScan endpoint. This allows remote execution of commands on the device.

Compliance Impact

The provided information does not specify how this vulnerability affects compliance with common standards and regulations such as GDPR or HIPAA.

Impact Analysis

This vulnerability allows an attacker to remotely execute arbitrary OS commands on the affected router without user interaction.

  • Compromise of the router's integrity and control.
  • Potential unauthorized access to the internal network.
  • Disruption of network services or interception of network traffic.
  • Use of the compromised device as a pivot point for further attacks.
Detection Guidance

This vulnerability can be detected by sending a crafted POST request to the /goform/WifiApScan endpoint of the Tenda AC6 router and observing if command injection is possible via the wl2g.public.country or wl5g.public.country parameters.

For example, sending a POST request with the country parameter set to a command injection payload such as ";id" can help verify if the system executes arbitrary OS commands.

A sample command using curl to test this could be:

  • curl -X POST http://[router_ip]/goform/WifiApScan -d "wl2g.public.country=;id"
  • curl -X POST http://[router_ip]/goform/WifiApScan -d "wl5g.public.country=;id"

If the response or behavior indicates execution of the injected command (such as returning user id information), the vulnerability is present.

Mitigation Strategies

Immediate mitigation steps include restricting access to the vulnerable endpoint /goform/WifiApScan to trusted networks only, such as by using firewall rules or network segmentation.

Additionally, avoid exposing the router's management interface to the internet to prevent remote exploitation.

If possible, update the router firmware to a version where this vulnerability is patched or contact the vendor for an official fix.

As a temporary workaround, monitor and block suspicious POST requests targeting the /goform/WifiApScan endpoint with unusual parameter values.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-8264. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart