Ac1206 Firmware
Monthly
Ac1206 Firmware versions up to 15.03.06.23 contains a vulnerability that allows attackers to command injection (CVSS 6.3).
A vulnerability was found in Tenda AC1206 15.03.06.23. Rated high severity (CVSS 8.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
A vulnerability was detected in Tenda AC1206 15.03.06.23. Rated high severity (CVSS 8.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
CVE-2025-7544 is a critical stack-based buffer overflow vulnerability in Tenda AC1206 firmware version 15.03.06.23, specifically in the formSetMacFilterCfg function accessible via the /goform/setMacFilterCfg endpoint. An authenticated remote attacker can exploit this vulnerability by manipulating the deviceList parameter to achieve remote code execution with high confidentiality, integrity, and availability impact. Public exploit disclosure and active exploitation indicators elevate real-world risk significantly.
A vulnerability was found in Tenda AC1206 up to 15.03.06.23. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
A vulnerability was found in Tenda AC1206 up to 15.03.06.23. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
A vulnerability was found in Tenda AC1206 15.03.06.23. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
Ac1206 Firmware versions up to 15.03.06.23 contains a vulnerability that allows attackers to command injection (CVSS 6.3).
A vulnerability was found in Tenda AC1206 15.03.06.23. Rated high severity (CVSS 8.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
A vulnerability was detected in Tenda AC1206 15.03.06.23. Rated high severity (CVSS 8.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
CVE-2025-7544 is a critical stack-based buffer overflow vulnerability in Tenda AC1206 firmware version 15.03.06.23, specifically in the formSetMacFilterCfg function accessible via the /goform/setMacFilterCfg endpoint. An authenticated remote attacker can exploit this vulnerability by manipulating the deviceList parameter to achieve remote code execution with high confidentiality, integrity, and availability impact. Public exploit disclosure and active exploitation indicators elevate real-world risk significantly.
A vulnerability was found in Tenda AC1206 up to 15.03.06.23. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
A vulnerability was found in Tenda AC1206 up to 15.03.06.23. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
A vulnerability was found in Tenda AC1206 15.03.06.23. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.