Sign-up

ID

VAR-202508-2009


CVE

CVE-2025-9090


TITLE

Shenzhen Tenda Technology Co.,Ltd.  of  AC20  Injection Vulnerability in Firmware

Trust: 0.8

sources: JVNDB: JVNDB-2025-012083

DESCRIPTION

A vulnerability was identified in Tenda AC20 16.03.08.12. Affected is the function websFormDefine of the file /goform/telnet of the component Telnet Service. The manipulation leads to command injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Shenzhen Tenda Technology Co.,Ltd. of AC20 The firmware contains injection and command injection vulnerabilities.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. This vulnerability stems from the websFormDefine function in the /goform/telnet file failing to properly sanitize special characters and commands when constructing commands. An attacker could exploit this vulnerability to execute arbitrary commands

Trust: 2.16

sources: NVD: CVE-2025-9090 // JVNDB: JVNDB-2025-012083 // CNVD: CNVD-2025-19109

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2025-19109

AFFECTED PRODUCTS

vendor:tendamodel:ac20scope:eqversion:16.03.08.12

Trust: 1.6

vendor:tendamodel:ac20scope:eqversion: -

Trust: 0.8

vendor:tendamodel:ac20scope:eqversion:ac20 firmware 16.03.08.12

Trust: 0.8

vendor:tendamodel:ac20scope: - version: -

Trust: 0.8

sources: CNVD: CNVD-2025-19109 // JVNDB: JVNDB-2025-012083 // NVD: CVE-2025-9090

CVSS

SEVERITY

CVSSV2

CVSSV3

cna@vuldb.com: CVE-2025-9090
value: LOW

Trust: 1.0

nvd@nist.gov: CVE-2025-9090
value: CRITICAL

Trust: 1.0

OTHER: JVNDB-2025-012083
value: CRITICAL

Trust: 0.8

CNVD: CNVD-2025-19109
value: MEDIUM

Trust: 0.6

cna@vuldb.com: CVE-2025-9090
severity: MEDIUM
baseScore: 6.5
vectorString: AV:N/AC:L/AU:S/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 8.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.0

OTHER: JVNDB-2025-012083
severity: MEDIUM
baseScore: 6.5
vectorString: AV:N/AC:L/AU:S/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: NONE
impactScore: NONE
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.8

CNVD: CNVD-2025-19109
severity: MEDIUM
baseScore: 6.5
vectorString: AV:N/AC:L/AU:S/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 8.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

cna@vuldb.com: CVE-2025-9090
baseSeverity: MEDIUM
baseScore: 6.3
vectorString: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: LOW
integrityImpact: LOW
availabilityImpact: LOW
exploitabilityScore: 2.8
impactScore: 3.4
version: 3.1

Trust: 1.0

nvd@nist.gov: CVE-2025-9090
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 5.9
version: 3.1

Trust: 1.0

NVD: JVNDB-2025-012083
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: CNVD: CNVD-2025-19109 // JVNDB: JVNDB-2025-012083 // NVD: CVE-2025-9090 // NVD: CVE-2025-9090

PROBLEMTYPE DATA

problemtype:CWE-74

Trust: 1.0

problemtype:CWE-77

Trust: 1.0

problemtype:injection (CWE-74) [ others ]

Trust: 0.8

problemtype: Command injection (CWE-77) [ others ]

Trust: 0.8

sources: JVNDB: JVNDB-2025-012083 // NVD: CVE-2025-9090

EXTERNAL IDS

db:NVDid:CVE-2025-9090

Trust: 3.2

db:VULDBid:320358

Trust: 1.8

db:JVNDBid:JVNDB-2025-012083

Trust: 0.8

db:CNVDid:CNVD-2025-19109

Trust: 0.6

sources: CNVD: CNVD-2025-19109 // JVNDB: JVNDB-2025-012083 // NVD: CVE-2025-9090

REFERENCES

url:https://github.com/zz2266/.github.io/blob/main/ac20/telnet/readme.md

Trust: 1.8

url:https://github.com/zz2266/.github.io/blob/main/ac20/telnet/readme.md#poc-exploit-steps

Trust: 1.8

url:https://vuldb.com/?id.320358

Trust: 1.8

url:https://vuldb.com/?submit.632232

Trust: 1.8

url:https://www.tenda.com.cn/

Trust: 1.8

url:https://nvd.nist.gov/vuln/detail/cve-2025-9090

Trust: 1.4

url:https://vuldb.com/?ctiid.320358

Trust: 1.0

sources: CNVD: CNVD-2025-19109 // JVNDB: JVNDB-2025-012083 // NVD: CVE-2025-9090

SOURCES

db:CNVDid:CNVD-2025-19109
db:JVNDBid:JVNDB-2025-012083
db:NVDid:CVE-2025-9090

LAST UPDATE DATE

2025-08-23T23:14:27.981000+00:00


SOURCES UPDATE DATE

db:CNVDid:CNVD-2025-19109date:2025-08-21T00:00:00
db:JVNDBid:JVNDB-2025-012083date:2025-08-22T06:01:00
db:NVDid:CVE-2025-9090date:2025-08-21T16:10:48.110

SOURCES RELEASE DATE

db:CNVDid:CNVD-2025-19109date:2025-08-21T00:00:00
db:JVNDBid:JVNDB-2025-012083date:2025-08-22T00:00:00
db:NVDid:CVE-2025-9090date:2025-08-17T03:15:26.527