ID

VAR-202503-0050


CVE

CVE-2025-1819


TITLE

Command injection vulnerability in Shenzhen Tenda Technology Co.,Ltd. AC7 firmware

Trust: 0.8

sources: JVNDB: JVNDB-2025-009338

DESCRIPTION

A vulnerability, which was classified as critical, was found in Tenda AC7 1200M 15.03.06.44. Affected is the function TendaTelnet of the file /goform/telnet. The manipulation of the argument lan_ip leads to OS command injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. A Shenzhen Tenda Technology Co.,Ltd. product contains an OS command injection vulnerability. Information may be obtained or tampered with, and service operation may be interrupted (DoS). The vulnerability is caused by the TendaTelnet function in the /goform/telnet file failing to properly filter special characters and commands in the constructed command. Attackers can exploit this vulnerability to cause arbitrary command execution.

Trust: 2.16

sources: NVD: CVE-2025-1819 // JVNDB: JVNDB-2025-009338 // CNVD: CNVD-2025-05230

IOT TAXONOMY

category: ['Network device'], sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2025-05230

AFFECTED PRODUCTS

vendor: tenda, model: ac7, scope: eq, version: 15.03.06.44

Trust: 1.6

vendor: tenda, model: ac7, scope: eq, version: -

Trust: 0.8

vendor: tenda, model: ac7, scope: eq, version: ac7 firmware 15.03.06.44

Trust: 0.8

vendor: tenda, model: ac7, scope: -, version: -

Trust: 0.8

sources: CNVD: CNVD-2025-05230 // JVNDB: JVNDB-2025-009338 // NVD: CVE-2025-1819

CVSS

SEVERITY

CVSSV2

CVSSV3

cna@vuldb.com: CVE-2025-1819
value: MEDIUM

Trust: 1.0

nvd@nist.gov: CVE-2025-1819
value: CRITICAL

Trust: 1.0

OTHER: JVNDB-2025-009338
value: CRITICAL

Trust: 0.8

CNVD: CNVD-2025-05230
value: MEDIUM

Trust: 0.6

cna@vuldb.com: CVE-2025-1819
severity: MEDIUM
baseScore: 6.5
vectorString: AV:N/AC:L/AU:S/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 8.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.0

OTHER: JVNDB-2025-009338
severity: MEDIUM
baseScore: 6.5
vectorString: AV:N/AC:L/AU:S/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: NONE
impactScore: NONE
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.8

CNVD: CNVD-2025-05230
severity: MEDIUM
baseScore: 6.5
vectorString: AV:N/AC:L/AU:S/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 8.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

cna@vuldb.com: CVE-2025-1819
baseSeverity: MEDIUM
baseScore: 6.3
vectorString: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: LOW
integrityImpact: LOW
availabilityImpact: LOW
exploitabilityScore: 2.8
impactScore: 3.4
version: 3.1

Trust: 1.0

nvd@nist.gov: CVE-2025-1819
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 5.9
version: 3.1

Trust: 1.0

NVD: JVNDB-2025-009338
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: CNVD: CNVD-2025-05230 // JVNDB: JVNDB-2025-009338 // NVD: CVE-2025-1819 // NVD: CVE-2025-1819

PROBLEMTYPE DATA

problemtype:CWE-77

Trust: 1.0

problemtype:CWE-78

Trust: 1.0

problemtype:Command injection (CWE-77) [ others ]

Trust: 0.8

problemtype:OS Command injection (CWE-78) [ others ]

Trust: 0.8

problemtype:OS Command injection (CWE-78) [NVD evaluation ]

Trust: 0.8

sources: JVNDB: JVNDB-2025-009338 // NVD: CVE-2025-1819

EXTERNAL IDS

db: NVD, id: CVE-2025-1819

Trust: 3.2

db: VULDB, id: 298092

Trust: 1.8

db: JVNDB, id: JVNDB-2025-009338

Trust: 0.8

db: CNVD, id: CNVD-2025-05230

Trust: 0.6

sources: CNVD: CNVD-2025-05230 // JVNDB: JVNDB-2025-009338 // NVD: CVE-2025-1819

REFERENCES

url:https://vuldb.com/?id.298092

Trust: 1.8

url:https://vuldb.com/?submit.504429

Trust: 1.8

url:https://www.tenda.com.cn/

Trust: 1.8

url:https://nvd.nist.gov/vuln/detail/cve-2025-1819

Trust: 1.4

url:https://vuldb.com/?ctiid.298092

Trust: 1.0

url:https://github.com/raining-101/iot_cve/blob/main/tenda%20a7%20v15.03.06.44%20command%20injection.md

Trust: 1.0

sources: CNVD: CNVD-2025-05230 // JVNDB: JVNDB-2025-009338 // NVD: CVE-2025-1819

SOURCES

db: CNVD, id: CNVD-2025-05230
db: JVNDB, id: JVNDB-2025-009338
db: NVD, id: CVE-2025-1819

LAST UPDATE DATE

2025-07-22T23:45:41.176000+00:00


SOURCES UPDATE DATE

db: CNVD, id: CNVD-2025-05230, date: 2025-03-18T00:00:00
db: JVNDB, id: JVNDB-2025-009338, date: 2025-07-18T08:39:00
db: NVD, id: CVE-2025-1819, date: 2025-07-16T14:13:01.587

SOURCES RELEASE DATE

db: CNVD, id: CNVD-2025-05230, date: 2025-03-13T00:00:00
db: JVNDB, id: JVNDB-2025-009338, date: 2025-07-18T00:00:00
db: NVD, id: CVE-2025-1819, date: 2025-03-02T17:15:11.483