Description
A security vulnerability has been detected in Tenda AC6 15.03.06.23. Affected by this issue is the function get_log_file of the file /goform/getLogFile of the component httpd. The manipulation of the argument wans.flag leads to os command injection. The attack can be initiated remotely. The exploit has been disclosed publicly and may be used.
Published: 2026-05-11
Score: 5.1 Medium
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The vulnerability is an OS command injection flaw in the get_log_file function, which handles /goform/getLogFile requests in the httpd web interface of the Tenda AC6. By manipulating the wans.flag argument of a /goform/getLogFile request, an attacker can execute arbitrary shell commands on the device. Command execution on the router puts the confidentiality, integrity, and availability of the device and its network services at risk; the CVSS vectors on this page rate each of those impacts as low, and the SSVC entry lists the technical impact as partial. The flaw is classified as CWE-77 (Command Injection) and CWE-78 (OS Command Injection).

Affected Systems

The affected device is the Tenda AC6 router with firmware 15.03.06.23. No other versions or models are listed in the current data.

Risk and Exploitability

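The CVSS 4.0 score of 5.1 indicates medium severity. The EPSS score is below 1% (very low), and the vulnerability is not listed in the CISA KEV catalog. The attack vector is the network (AV:N): the flaw is triggered by sending a crafted request to the web interface, so it can be reached from any network that can connect to that interface, including the internet where remote management is exposed. The CVSS vectors specify PR:H, meaning the request must come from a highly privileged account. The exploit has been disclosed publicly (E:P, proof of concept) and could be used by attackers.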

Generated by OpenCVE AI on May 11, 2026 at 04:21 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Update the router to firmware from Tenda that fixes the OS command injection flaw as soon as such a release is available.
  • If a patch is not yet available, block or restrict access to the /goform/getLogFile endpoint via firewall rules or ACLs, limiting it to trusted networks or disabling remote management entirely.
  • Continuously monitor the router’s HTTP interface for suspicious activity and apply firmware updates immediately when patches are released.

Advisories

No advisories yet.

History

Mon, 11 May 2026 15:15:00 +0000

Type | Values Removed | Values Added
Metrics | | ssvc: {'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Mon, 11 May 2026 04:45:00 +0000

Type | Values Removed | Values Added
First Time appeared | | Tenda ac6
Vendors & Products | | Tenda ac6

Mon, 11 May 2026 03:30:00 +0000

Type | Values Removed | Values Added
Description | | A security vulnerability has been detected in Tenda AC6 15.03.06.23. Affected by this issue is the function get_log_file of the file /goform/getLogFile of the component httpd. The manipulation of the argument wans.flag leads to os command injection. The attack can be initiated remotely. The exploit has been disclosed publicly and may be used.
Title | | Tenda AC6 httpd getLogFile get_log_file os command injection
First Time appeared | | Tenda; Tenda ac6 Firmware
Weaknesses | | CWE-77; CWE-78
CPEs | | cpe:2.3:o:tenda:ac6_firmware:*:*:*:*:*:*:*:*
Vendors & Products | | Tenda; Tenda ac6 Firmware
References | |
Metrics | | cvssV2_0: {'score': 5.8, 'vector': 'AV:N/AC:L/Au:M/C:P/I:P/A:P/E:POC/RL:ND/RC:UR'}
 | | cvssV3_0: {'score': 4.7, 'vector': 'CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R'}
 | | cvssV3_1: {'score': 4.7, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R'}
 | | cvssV4_0: {'score': 5.1, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P'}


MITRE

Status: PUBLISHED

Assigner: VulDB

Published:

Updated: 2026-05-11T10:42:35.091Z

Reserved: 2026-05-10T15:35:42.308Z

Link: CVE-2026-8265

Vulnrichment

Updated: 2026-05-11T10:42:29.708Z

NVD

Status: Undergoing Analysis

Published: 2026-05-11T04:16:19.860

Modified: 2026-05-11T15:06:30.020

Link: CVE-2026-8265

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-05-11T04:30:27Z
