Details of VAR-202605-1581

ID

VAR-202605-1581

CVE

CVE-2026-8264

TITLE

Shenzhen Tenda Technology Co.,Ltd. of AC6 Multiple vulnerabilities in firmware

Trust: 0.8

sources: JVNDB: JVNDB-2026-015138

DESCRIPTION

A weakness has been identified in Tenda AC6 15.03.06.23. Affected by this vulnerability is the function formWifiApScan of the file /goform/WifiApScan of the component httpd. Executing a manipulation of the argument wl2g.public.country/wl5g.public.country can lead to os command injection. It is possible to launch the attack remotely. The exploit has been made available to the public and could be used for attacks. The exploit is publicly available and could be used to carry out attacks.All information handled by the software may be leaked to the outside. All information handled by the software may be rewritten. Furthermore, the software may stop working completely

Trust: 1.62

sources: NVD: CVE-2026-8264 // JVNDB: JVNDB-2026-015138

AFFECTED PRODUCTS

vendor:	tenda	model:	ac6	scope:	eq	version:	15.03.06.23	Trust: 1.0
vendor:	tenda	model:	ac6	scope:	eq	version:	-	Trust: 0.8
vendor:	tenda	model:	ac6	scope:	-	version:	-	Trust: 0.8
vendor:	tenda	model:	ac6	scope:	eq	version:	ac6 firmware 15.03.06.23	Trust: 0.8

sources: JVNDB: JVNDB-2026-015138 // NVD: CVE-2026-8264

CVSS

SEVERITY

CVSSV2

CVSSV3

cna@vuldb.com:	CVE-2026-8264
value:	LOW
Trust: 1.0
nvd@nist.gov:	CVE-2026-8264
value:	HIGH
Trust: 1.0
OTHER:	JVNDB-2026-015138
value:	HIGH
Trust: 0.8

cna@vuldb.com:	CVE-2026-8264
severity:	MEDIUM
baseScore:	6.5
vectorString:	AV:N/AC:L/AU:S/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	SINGLE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	8.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.0
OTHER:	JVNDB-2026-015138
severity:	MEDIUM
baseScore:	6.5
vectorString:	AV:N/AC:L/AU:S/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	SINGLE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	NONE
impactScore:	NONE
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.8

cna@vuldb.com:	CVE-2026-8264
baseSeverity:	MEDIUM
baseScore:	6.3
vectorString:	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	LOW
integrityImpact:	LOW
availabilityImpact:	LOW
exploitabilityScore:	2.8
impactScore:	3.4
version:	3.1
Trust: 1.0
nvd@nist.gov:	CVE-2026-8264
baseSeverity:	HIGH
baseScore:	8.8
vectorString:	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	2.8
impactScore:	5.9
version:	3.1
Trust: 1.0
NVD:	JVNDB-2026-015138
baseSeverity:	HIGH
baseScore:	8.8
vectorString:	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: JVNDB: JVNDB-2026-015138 // NVD: CVE-2026-8264 // NVD: CVE-2026-8264

PROBLEMTYPE DATA

problemtype:	CWE-77	Trust: 1.0
problemtype:	CWE-78	Trust: 1.0
problemtype:	Command injection (CWE-77) [ others ]	Trust: 0.8
problemtype:	OS Command injection (CWE-78) [NVD evaluation ]	Trust: 0.8
problemtype:	OS Command injection (CWE-78) [ others ]	Trust: 0.8

sources: JVNDB: JVNDB-2026-015138 // NVD: CVE-2026-8264

PATCH

title:

//vuldb.com/vuln/362561

url:

https://github.com/dxz0069/WAVLINK-WN530H4-Command-Injection-in-set_add_routing/blob/main/Tenda%20AC6V2%20formWifiApScan%20Command%20Injection%20via%20country%20parameter.md

Trust: 0.8

sources: JVNDB: JVNDB-2026-015138

EXTERNAL IDS

db:	NVD	id:	CVE-2026-8264	Trust: 2.6
db:	JVNDB	id:	JVNDB-2026-015138	Trust: 0.8

sources: JVNDB: JVNDB-2026-015138 // NVD: CVE-2026-8264

REFERENCES

url:	https://www.tenda.com.cn/	Trust: 1.8
url:	https://github.com/dxz0069/wavlink-wn530h4-command-injection-in-set_add_routing/blob/main/tenda%20ac6v2%20formwifiapscan%20command%20injection%20via%20country%20parameter.md	Trust: 1.0
url:	https://vuldb.com/submit/810075	Trust: 1.0
url:	https://vuldb.com/vuln/362561	Trust: 1.0
url:	https://vuldb.com/vuln/362561/cti	Trust: 1.0
url:	https://nvd.nist.gov/vuln/detail/cve-2026-8264	Trust: 0.8

sources: JVNDB: JVNDB-2026-015138 // NVD: CVE-2026-8264

SOURCES

db:	JVNDB	id:	JVNDB-2026-015138
db:	NVD	id:	CVE-2026-8264

LAST UPDATE DATE

2026-06-19T23:37:42.746000+00:00

SOURCES UPDATE DATE

db:	JVNDB	id:	JVNDB-2026-015138	date:	2026-05-13T01:21:00
db:	NVD	id:	CVE-2026-8264	date:	2026-05-11T17:04:06.110

SOURCES RELEASE DATE

db:	JVNDB	id:	JVNDB-2026-015138	date:	2026-05-13T00:00:00
db:	NVD	id:	CVE-2026-8264	date:	2026-05-11T04:16:17.023