CVE-2025-44865

Tenda W20E V15.11.0.6 was found to contain a command injection vulnerability in the formSetDebugCfg function via the enable parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request.

CVSS v3 6.3 MEDIUM

6.3^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 2.8 / Impact : 3.4

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact LOW

Integrity Impact LOW

Availability Impact LOW

Scope UNCHANGED

References

Link	Resource
https://github.com/Summermu/VulnForIoT/tree/main/Tenda_W20E/formSetDebugCfg_enable/readme.md	Exploit Third Party Advisory

Configurations

Configuration 1 (hide)

AND

cpe:2.3:o:tenda:w20e_firmware:15.11.0.6:*:*:*:*:*:*:*

cpe:2.3:h:tenda:w20e:-:*:*:*:*:*:*:*

History

27 May 2025, 16:44

Type	Values Removed	Values Added
CPE		cpe:2.3:o:tenda:w20e_firmware:15.11.0.6:::::::* cpe:2.3:h:tenda:w20e:-:::::::*
First Time		Tenda Tenda w20e Firmware Tenda w20e
References	~~() https://github.com/Summermu/VulnForIoT/tree/main/Tenda_W20E/formSetDebugCfg_enable/readme.md -~~	() https://github.com/Summermu/VulnForIoT/tree/main/Tenda_W20E/formSetDebugCfg_enable/readme.md - Exploit, Third Party Advisory

02 May 2025, 13:52

Type	Values Removed	Values Added
Summary		(es) Se descubrió que Tenda W20E V15.11.0.6 contenía una vulnerabilidad de inyección de comandos en la función formSetDebugCfg mediante el parámetro enable. Esta vulnerabilidad permite a los atacantes ejecutar comandos arbitrarios mediante una solicitud manipulada.

01 May 2025, 21:15

Type	Values Removed	Values Added
CWE		CWE-77
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 6.3

01 May 2025, 18:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-05-01 18:15

Updated : 2025-05-27 16:44

NVD link : CVE-2025-44865

Mitre link : CVE-2025-44865

CVE.ORG link : CVE-2025-44865

JSON object : View

Products Affected

tenda

w20e
w20e_firmware

CWE

CWE-77

Improper Neutralization of Special Elements used in a Command ('Command Injection')

{"id": "CVE-2025-44865", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "LOW", "confidentialityImpact": "LOW"}, "impactScore": 3.4, "exploitabilityScore": 2.8}]}, "published": "2025-05-01T18:15:57.100", "references": [{"url": "https://github.com/Summermu/VulnForIoT/tree/main/Tenda_W20E/formSetDebugCfg_enable/readme.md", "tags": ["Exploit", "Third Party Advisory"], "source": "cve@mitre.org"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "description": [{"lang": "en", "value": "CWE-77"}]}], "descriptions": [{"lang": "en", "value": "Tenda W20E V15.11.0.6 was found to contain a command injection vulnerability in the formSetDebugCfg function via the enable parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request."}, {"lang": "es", "value": "Se descubri\u00f3 que Tenda W20E V15.11.0.6 conten\u00eda una vulnerabilidad de inyecci\u00f3n de comandos en la funci\u00f3n formSetDebugCfg mediante el par\u00e1metro enable. Esta vulnerabilidad permite a los atacantes ejecutar comandos arbitrarios mediante una solicitud manipulada."}], "lastModified": "2025-05-27T16:44:28.903", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:tenda:w20e_firmware:15.11.0.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "31C1283D-8DCF-49C0-92FF-34CF842D00BF"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:tenda:w20e:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "25F04924-FB40-4330-B9D9-8597E06DF11B"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "cve@mitre.org"}

6.3 /10