Back to CVE List

CVE-2026-0581

CRITICAL SEVERITY

CVSS Score & Metrics

Base Score
9.8 / 10
Vector String
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Vulnerability Description

A vulnerability was determined in Tenda AC1206 15.03.06.23. Affected by this issue is the function formBehaviorManager of the file /goform/BehaviorManager of the component httpd. Executing a manipulation of the argument modulename/option/data/switch can lead to command injection. The attack can be launched remotely. The exploit has been publicly disclosed and may be utilized.

Vulnerability Details

Published Date
Last Modified
CWE ID
CWE-74
Source
NVD
Vendor
tenda
Product
ac1206_firmware

External References

Discussion (0)

Add Comment

No comments yet. Be the first!