ID

VAR-202510-0256


CVE

CVE-2025-11523


TITLE

Injection Vulnerability in Shenzhen Tenda Technology Co.,Ltd. AC7 Firmware

Trust: 0.8

sources: JVNDB: JVNDB-2025-015882

DESCRIPTION

A vulnerability was detected in Tenda AC7 15.03.06.44. This vulnerability affects unknown code of the file /goform/AdvSetLanip. The manipulation of the argument lanIp results in command injection. It is possible to launch the attack remotely. The exploit is now public and may be used. The Shenzhen Tenda Technology Co.,Ltd. AC7 firmware contains injection and command injection vulnerabilities. Information may be obtained or tampered with, and service operation may be interrupted (DoS). This vulnerability stems from the failure to properly sanitize special characters and commands in the lanIp parameter in the file /goform/AdvSetLanip. An attacker could exploit this vulnerability to execute arbitrary commands.

Trust: 2.16

sources: NVD: CVE-2025-11523 // JVNDB: JVNDB-2025-015882 // CNVD: CNVD-2025-24162

IOT TAXONOMY

category: ['Network device'] sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2025-24162

AFFECTED PRODUCTS

vendor: tenda model: ac7 scope: eq version: 15.03.06.44

Trust: 1.6

vendor: tenda model: ac7 scope: eq version: -

Trust: 0.8

vendor: tenda model: ac7 scope: - version: -

Trust: 0.8

vendor: tenda model: ac7 scope: eq version: ac7 firmware 15.03.06.44

Trust: 0.8

sources: CNVD: CNVD-2025-24162 // JVNDB: JVNDB-2025-015882 // NVD: CVE-2025-11523

CVSS

SEVERITY

CVSSV2

CVSSV3

cna@vuldb.com: CVE-2025-11523
value: LOW

Trust: 1.0

nvd@nist.gov: CVE-2025-11523
value: HIGH

Trust: 1.0

OTHER: JVNDB-2025-015882
value: HIGH

Trust: 0.8

CNVD: CNVD-2025-24162
value: MEDIUM

Trust: 0.6

cna@vuldb.com: CVE-2025-11523
severity: MEDIUM
baseScore: 6.5
vectorString: AV:N/AC:L/AU:S/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 8.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.0

OTHER: JVNDB-2025-015882
severity: MEDIUM
baseScore: 6.5
vectorString: AV:N/AC:L/AU:S/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: NONE
impactScore: NONE
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.8

CNVD: CNVD-2025-24162
severity: MEDIUM
baseScore: 6.5
vectorString: AV:N/AC:L/AU:S/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 8.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

cna@vuldb.com: CVE-2025-11523
baseSeverity: MEDIUM
baseScore: 6.3
vectorString: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: LOW
integrityImpact: LOW
availabilityImpact: LOW
exploitabilityScore: 2.8
impactScore: 3.4
version: 3.1

Trust: 1.0

nvd@nist.gov: CVE-2025-11523
baseSeverity: HIGH
baseScore: 8.8
vectorString: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 2.8
impactScore: 5.9
version: 3.1

Trust: 1.0

NVD: JVNDB-2025-015882
baseSeverity: HIGH
baseScore: 8.8
vectorString: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: CNVD: CNVD-2025-24162 // JVNDB: JVNDB-2025-015882 // NVD: CVE-2025-11523 // NVD: CVE-2025-11523

PROBLEMTYPE DATA

problemtype:CWE-77

Trust: 1.0

problemtype:CWE-74

Trust: 1.0

problemtype: injection (CWE-74) [others]

Trust: 0.8

problemtype: Command injection (CWE-77) [NVD evaluation]

Trust: 0.8

problemtype: Command injection (CWE-77) [others]

Trust: 0.8

sources: JVNDB: JVNDB-2025-015882 // NVD: CVE-2025-11523

EXTERNAL IDS

db: NVD id: CVE-2025-11523

Trust: 3.2

db: VULDB id: 327661

Trust: 1.8

db: JVNDB id: JVNDB-2025-015882

Trust: 0.8

db: CNVD id: CNVD-2025-24162

Trust: 0.6

sources: CNVD: CNVD-2025-24162 // JVNDB: JVNDB-2025-015882 // NVD: CVE-2025-11523

REFERENCES

url:https://github.com/noahze01/iot-vulnerable/blob/main/tenda/ac7/advsetlanip.md

Trust: 1.8

url:https://vuldb.com/?id.327661

Trust: 1.8

url:https://vuldb.com/?submit.669849

Trust: 1.8

url:https://www.tenda.com.cn/

Trust: 1.8

url:https://nvd.nist.gov/vuln/detail/cve-2025-11523

Trust: 1.4

url:https://vuldb.com/?ctiid.327661

Trust: 1.0

sources: CNVD: CNVD-2025-24162 // JVNDB: JVNDB-2025-015882 // NVD: CVE-2025-11523

SOURCES

db: CNVD id: CNVD-2025-24162
db: JVNDB id: JVNDB-2025-015882
db: NVD id: CVE-2025-11523

LAST UPDATE DATE

2025-10-20T03:59:03.442000+00:00


SOURCES UPDATE DATE

db: CNVD id: CNVD-2025-24162 date: 2025-10-17T00:00:00
db: JVNDB id: JVNDB-2025-015882 date: 2025-10-14T07:28:00
db: NVD id: CVE-2025-11523 date: 2025-10-09T22:17:03.017

SOURCES RELEASE DATE

db: CNVD id: CNVD-2025-24162 date: 2025-10-17T00:00:00
db: JVNDB id: JVNDB-2025-015882 date: 2025-10-14T00:00:00
db: NVD id: CVE-2025-11523 date: 2025-10-09T02:15:41.403