CVE-2025-9090 | Tenda AC20 16.03.08.12 Telnet Service /goform/telnet websFormDefine command injection

Inserito da Angelo Barbosa | Ago 16, 2025 | CVE

A vulnerability identified as critical has been detected in Tenda AC20 16.03.08.12. Affected is the function websFormDefine of the file /goform/telnet of the component Telnet Service. The manipulation leads to command injection.

This vulnerability is traded as CVE-2025-9090. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

CVE-2025-9090 | Tenda AC20 16.03.08.12 Telnet Service /goform/telnet websFormDefine command injection

Post correlati

CVE-2024-5464 | Huawei HarmonyOS/EMUI NearLink Module information disclosure

CVE-2024-6256 | smub Feeds for YouTube Plugin up to 2.2.1 on WordPress cross site scripting

CVE-2025-38502 | Linux Kernel up to 6.16.0 bpf_get_local_storage different out-of-bounds

CVE-2024-38504 | JetBrains YouTrack up to 2024.1.29548 File Attachment authorization