Details of VAR-202603-2191

ID

VAR-202603-2191

CVE

CVE-2026-4253

TITLE

Shenzhen Tenda Technology Co.,Ltd. of AC8 Multiple vulnerabilities in firmware

Trust: 0.8

sources: JVNDB: JVNDB-2026-008094

DESCRIPTION

A security flaw has been discovered in Tenda AC8 16.03.50.11. This affects the function route_set_user_policy_rule of the file /cgi-bin/UploadCfg of the component Web Interface. The manipulation of the argument wans.policy.list1 results in os command injection. It is possible to launch the attack remotely. The exploit has been released to the public and may be used for attacks. This vulnerability is, Web Interface /cgi-bin/UploadCfg Functions in the file route_set_user_policy_rule Affects the argument wans.policy.list1 By operating OS Command injection can occur, allowing for remote attacks. The exploit is publicly available and could be used to carry out attacks.All information handled by the software may be leaked to the outside. All information handled by the software may be rewritten. Furthermore, the software may stop working completely

Trust: 1.62

sources: NVD: CVE-2026-4253 // JVNDB: JVNDB-2026-008094

AFFECTED PRODUCTS

vendor:	tenda	model:	ac8	scope:	eq	version:	16.03.50.11	Trust: 1.0
vendor:	tenda	model:	ac8	scope:	-	version:	-	Trust: 0.8
vendor:	tenda	model:	ac8	scope:	eq	version:	-	Trust: 0.8
vendor:	tenda	model:	ac8	scope:	eq	version:	ac8 firmware 16.03.50.11	Trust: 0.8

sources: JVNDB: JVNDB-2026-008094 // NVD: CVE-2026-4253

CVSS

SEVERITY

CVSSV2

CVSSV3

cna@vuldb.com:	CVE-2026-4253
value:	LOW
Trust: 1.0
nvd@nist.gov:	CVE-2026-4253
value:	HIGH
Trust: 1.0
OTHER:	JVNDB-2026-008094
value:	HIGH
Trust: 0.8

cna@vuldb.com:	CVE-2026-4253
severity:	MEDIUM
baseScore:	5.8
vectorString:	AV:N/AC:L/AU:M/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	MULTIPLE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	6.4
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.0
OTHER:	JVNDB-2026-008094
severity:	MEDIUM
baseScore:	5.8
vectorString:	AV:N/AC:L/AU:M/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	MULTIPLE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	NONE
impactScore:	NONE
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.8

cna@vuldb.com:	CVE-2026-4253
baseSeverity:	MEDIUM
baseScore:	4.7
vectorString:	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	HIGH
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	LOW
integrityImpact:	LOW
availabilityImpact:	LOW
exploitabilityScore:	1.2
impactScore:	3.4
version:	3.1
Trust: 1.0
nvd@nist.gov:	CVE-2026-4253
baseSeverity:	HIGH
baseScore:	7.2
vectorString:	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	HIGH
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	1.2
impactScore:	5.9
version:	3.1
Trust: 1.0
NVD:	JVNDB-2026-008094
baseSeverity:	HIGH
baseScore:	7.2
vectorString:	CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	HIGH
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: JVNDB: JVNDB-2026-008094 // NVD: CVE-2026-4253 // NVD: CVE-2026-4253

PROBLEMTYPE DATA

problemtype:	CWE-78	Trust: 1.0
problemtype:	CWE-77	Trust: 1.0
problemtype:	Command injection (CWE-77) [ others ]	Trust: 0.8
problemtype:	OS Command injection (CWE-78) [ others ]	Trust: 0.8
problemtype:	OS Command injection (CWE-78) [NVD evaluation ]	Trust: 0.8

sources: JVNDB: JVNDB-2026-008094 // NVD: CVE-2026-4253

PATCH

title:

Tenda AC8 V5 V16.03.50.11 OS Command Injection

url:

https://vuldb.com/?id.351211

Trust: 0.8

sources: JVNDB: JVNDB-2026-008094

EXTERNAL IDS

db:	NVD	id:	CVE-2026-4253	Trust: 2.6
db:	VULDB	id:	351211	Trust: 1.0
db:	JVNDB	id:	JVNDB-2026-008094	Trust: 0.8

sources: JVNDB: JVNDB-2026-008094 // NVD: CVE-2026-4253

REFERENCES

url:	https://www.tenda.com.cn/	Trust: 1.8
url:	https://github.com/digitalandrew/tenda_ac8_v5/blob/main/poc_cmdi_config_upload.py	Trust: 1.8
url:	https://vuldb.com/?submit.771771	Trust: 1.0
url:	https://vuldb.com/?id.351211	Trust: 1.0
url:	https://vuldb.com/?ctiid.351211	Trust: 1.0
url:	https://nvd.nist.gov/vuln/detail/cve-2026-4253	Trust: 0.8

sources: JVNDB: JVNDB-2026-008094 // NVD: CVE-2026-4253

SOURCES

db:	JVNDB	id:	JVNDB-2026-008094
db:	NVD	id:	CVE-2026-4253

LAST UPDATE DATE

2026-03-25T23:10:41.742000+00:00

SOURCES UPDATE DATE

db:	JVNDB	id:	JVNDB-2026-008094	date:	2026-03-23T08:42:00
db:	NVD	id:	CVE-2026-4253	date:	2026-03-20T12:55:36.280

SOURCES RELEASE DATE

db:	JVNDB	id:	JVNDB-2026-008094	date:	2026-03-23T00:00:00
db:	NVD	id:	CVE-2026-4253	date:	2026-03-16T18:16:10.540