CRITICAL🇵🇱 Wersja polska

CVE-2025-44872

CVSS 9.8v3.1pub. 2025-05-02upd. 2025-05-27

Tenda AC9 V15.03.06.42_multi was found to contain a command injection vulnerability in the formsetUsbUnload function via the deviceName parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request.

🤖 AI Analysis
How it works

The vulnerability is located in the formsetUsbUnload function, which processes the deviceName parameter without proper validation and sanitization of input data. An attacker can send a specially crafted request containing a malicious payload in the deviceName field, thereby injecting arbitrary system commands. These commands are then executed by the device with the privileges of the process handling the request.

Impact

A remote unauthenticated attacker can execute arbitrary system commands on the vulnerable device, leading to complete takeover of control, disclosure of sensitive configuration data, and violation of device integrity and availability.

Mitigation & patch

Security patches available from the manufacturer should be applied according to the references. Until an update is released, it is recommended to restrict access to the device's administrative interface only to trusted local networks and block Internet access through a firewall.

Who is affected

Tenda AC9 with firmware version V15.03.06.42_multi

Analysis generated by Claude AI (Anthropic) based on NVD data. Always verify with vendor.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Tenda Ac9

    HW
    Tenda
    wszystkie wersje
  • Tenda Ac9 Firmware

    OS
    Tenda
    15.03.06.42_multi
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2018-14558CRITICAL9.8⚠ KEVten sam produkt

An issue was discovered on Tenda AC7 devices with firmware through V15.03.06.44_CN(AC7), AC9 devices with firm...

CVE-2025-45042CRITICAL9.8PL ✓ten sam produkt

Command injection w funkcji Telnet routera Tenda AC9

CVE-2025-44877CRITICAL9.8PL ✓ten sam produkt

Command injection w Tenda AC9 — funkcja formSetSambaConf (parametr usbname)

CVE-2025-45427CRITICAL9.8PL ✓ten sam produkt

Tenda AC9 – stack overflow w WifiBasicSet umożliwia zdalny RCE

CVE-2025-45428CRITICAL9.8PL ✓ten sam produkt

Stack overflow w Tenda AC9 – RCE przez parametr rebootTime