CVE-2025-5836 | Tenda AC9 15.03.02.13 POST Request /goform/SetIPTVCfg formSetIptv list command injection

Inserito da Angelo Barbosa | Giu 6, 2025 | CVE

A vulnerability was found in Tenda AC9 15.03.02.13. It has been rated as critical. This issue affects the function formSetIptv of the file /goform/SetIPTVCfg of the component POST Request Handler. The manipulation of the argument list leads to command injection.

The identification of this vulnerability is CVE-2025-5836. The attack may be initiated remotely. Furthermore, there is an exploit available.

CVE-2025-5836 | Tenda AC9 15.03.02.13 POST Request /goform/SetIPTVCfg formSetIptv list command injection

Post correlati

CVE-2024-9328 | SourceCodester Advocate Office Management System 1.0 /control/edit_client.php id sql injection

CVE-2024-37623 | Xinhu RockOA 2.6.3 tpl_kaoqin_locationchange.html cross site scripting

CVE-2024-5733 | itsourcecode Online Discussion Forum 1.0 register_me.php eaddress sql injection

CVE-2024-29989 | Microsoft Azure Monitor Agent unknown vulnerability