CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2026-5547

A vulnerability has been found in Tenda AC10 16.03.10.10_multi_TDE01. Affected is the function formAddMacfilterRule of the file /bin/httpd. Such manipulation leads to os command injection. It is possible to launch the attack remotely. Multiple endpoints might be affected.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.008

EPSS Ranking 74.6%

CVSS Severity

CVSS v3 Score 6.3

CVSS v2 Score 6.5

References

https://github.com/somanyerrors/tenda-ac10v4-vulnerabilities/blob/main/findings/CRITICAL-03-command-injection-formaddmacfilterrule.md
https://vuldb.com/submit/782296
https://vuldb.com/vuln/355311
https://vuldb.com/vuln/355311/cti
https://www.tenda.com.cn/

Products affected by CVE-2026-5547

Tenda » Ac10 » Version: 4.0

cpe:2.3:h:tenda:ac10:4.0
Tenda » Ac10 Firmware » Version: 16.03.10.10_multi_tde01

cpe:2.3:o:tenda:ac10_firmware:16.03.10.10_multi_tde01

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2026-5547

Products

Pricing

Contact Us