CVE-2025-15254 | Tenda W6-S 1.0.0.4(510) ATE Service /goform/ate TendaAte os command injection

Inserito da Angelo Barbosa | Dic 29, 2025 | CVE

A vulnerability marked as critical has been reported in Tenda W6-S 1.0.0.4(510). This affects the function TendaAte of the file /goform/ate of the component ATE Service. Performing manipulation results in os command injection.

This vulnerability was named CVE-2025-15254. The attack may be initiated remotely. In addition, an exploit is available.

CVE-2025-15254 | Tenda W6-S 1.0.0.4(510) ATE Service /goform/ate TendaAte os command injection

Post correlati

CVE-2025-3669 | Supreme Addons for Beaver Builder Plugin up to 1.0.9 on WordPress Shortcode auto_qrcodesabb cross site scripting

CVE-2024-10589 | nouthemes Leopard Plugin up to 3.1.1 on WordPress import_settings authorization

CVE-2024-2285 | boyiddha Automated-Mess-Management-System 1.0 /member/member_edit.php name cross site scripting

CVE-2025-6212 | Ultra Addons for Contact Form 7 Plugin up to 3.5.11/3.5.19 on WordPress Database Module ajax_get_table_data cross site scripting