CVE-2026-7469 | Tenda 4G300 US_4G300V1.0Mt_V1.01.42_CN_TDC01 /goform/DelFil sub_425A28 delflag command injection

Inserito da Angelo Barbosa | Apr 29, 2026 | CVE

A vulnerability described as critical has been identified in Tenda 4G300 US_4G300V1.0Mt_V1.01.42_CN_TDC01. This impacts the function sub_425A28 of the file /goform/DelFil. The manipulation of the argument delflag results in command injection.

This vulnerability is cataloged as CVE-2026-7469. The attack may be launched remotely. Furthermore, there is an exploit available.

CVE-2026-7469 | Tenda 4G300 US_4G300V1.0Mt_V1.01.42_CN_TDC01 /goform/DelFil sub_425A28 delflag command injection

Post correlati

CVE-2024-1661 | Totolink X6000R 9.4.0cu.852_B20230719 /etc/shadow hard-coded credentials

CVE-2024-53777 | Alberto Reineri Simple Header and Footer Plugin up to 1.0.0 on WordPress cross-site request forgery

CVE-2024-12617 | WC Price History for Omnibus Plugin up to 2.1.3 on WordPress authorization

CVE-2025-11502 | Schema & Structured Data for WP & AMP Plugin up to 1.51 on WordPress Shortcode saswp_tiny_multiple_faq cross site scripting