CVE-2025-8182

A vulnerability has been found in Tenda AC18 15.03.05.19 and classified as problematic. This vulnerability affects unknown code of the file /etc_ro/smb.conf of the component Samba. The manipulation leads to weak password requirements. The attack can be initiated remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used.

CVSS v3 5.6 MEDIUM
CVSS v2.0 5.1 MEDIUM

5.6^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 2.2 / Impact : 3.4

Attack Vector NETWORK

Attack Complexity HIGH

Privileges Required NONE

User Interaction NONE

Confidentiality Impact LOW

Integrity Impact LOW

Availability Impact LOW

Scope UNCHANGED

5.1^/10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:H/Au:N/C:P/I:P/A:P

Exploitability : 4.9 / Impact : 6.4

Access Vector NETWORK

Access Complexity HIGH

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
https://vuldb.com/?ctiid.317596	Permissions Required
https://vuldb.com/?id.317596	Third Party Advisory VDB Entry
https://vuldb.com/?submit.621977	Third Party Advisory VDB Entry
https://www.notion.so/23a54a1113e7802abfabf1275a555f48	Third Party Advisory
https://www.tenda.com.cn/	Product

Configurations

Configuration 1 (hide)

AND

cpe:2.3:o:tenda:ac18_firmware:15.03.05.19:*:*:*:*:*:*:*

cpe:2.3:h:tenda:ac18:-:*:*:*:*:*:*:*

History

01 Aug 2025, 20:05

Type	Values Removed	Values Added
References	~~() https://vuldb.com/?ctiid.317596 -~~	() https://vuldb.com/?ctiid.317596 - Permissions Required
References	~~() https://vuldb.com/?id.317596 -~~	() https://vuldb.com/?id.317596 - Third Party Advisory, VDB Entry
References	~~() https://vuldb.com/?submit.621977 -~~	() https://vuldb.com/?submit.621977 - Third Party Advisory, VDB Entry
References	~~() https://www.notion.so/23a54a1113e7802abfabf1275a555f48 -~~	() https://www.notion.so/23a54a1113e7802abfabf1275a555f48 - Third Party Advisory
References	~~() https://www.tenda.com.cn/ -~~	() https://www.tenda.com.cn/ - Product
First Time		Tenda Tenda ac18 Firmware Tenda ac18
CPE		cpe:2.3:o:tenda:ac18_firmware:15.03.05.19:::::::* cpe:2.3:h:tenda:ac18:-:::::::*

29 Jul 2025, 14:14

Type	Values Removed	Values Added
Summary		(es) Se ha detectado una vulnerabilidad en Tenda AC18 15.03.05.19, clasificada como problemática. Esta vulnerabilidad afecta al código desconocido del archivo /etc_ro/smb.conf del componente Samba. La manipulación da lugar a requisitos de contraseña débiles. El ataque puede ejecutarse en remoto. Es un ataque de complejidad bastante alta. Parece difícil de explotar. Se ha hecho público el exploit y puede que sea utilizado.

26 Jul 2025, 09:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-07-26 09:15

Updated : 2025-08-01 20:05

NVD link : CVE-2025-8182

Mitre link : CVE-2025-8182

CVE.ORG link : CVE-2025-8182

JSON object : View

Products Affected

tenda

ac18_firmware
ac18

CWE

CWE-521

Weak Password Requirements

5.6 /10