Tenda AC9 Configuration File DownloadCfg.jpg information disclosure_CVE-2025-14286

6.9 / 10

MEDIUM

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P

Description

A vulnerability was determined in Tenda AC9 15.03.05.14_multi. Affected by this vulnerability is an unknown functionality of the file /cgi-bin/DownloadCfg.jpg of the component Configuration File Handler. This manipulation causes information disclosure. The attack may be initiated remotely. The exploit has been publicly disclosed and may be utilized.

Basic Information

ID CVE-2025-14286

Source VulDB

Published Dec 9, 2025 at 01:32

Affected Product

Vendor Tenda

Product AC9

Version 15.03.05.14_multi

Affected Versions Tenda AC9 15.03.05.14_multi

CWE Classification

CWE-200 CWE-284

References

{
    "lastseen": "",
    "description": "A vulnerability was determined in Tenda AC9 15.03.05.14_multi. Affected by this vulnerability is an unknown functionality of the file /cgi-bin/DownloadCfg.jpg of the component Configuration File Handler. This manipulation causes information disclosure. The attack may be initiated remotely. The exploit has been publicly disclosed and may be utilized.",
    "published": "2025-12-09T01:32:07.198Z",
    "modified": "2025-12-09T01:32:07.198Z",
    "type": "cve",
    "title": "Tenda AC9 Configuration File DownloadCfg.jpg information disclosure",
    "source": "VulDB",
    "references": "https://vuldb.com/?id.334874\nhttps://vuldb.com/?ctiid.334874\nhttps://vuldb.com/?submit.702723\nhttps://github.com/Madgeaaaaa/MY_VULN_2/blob/main/Tenda/VULN11.md\nhttps://www.tenda.com.cn/",
    "id": "CVE-2025-14286",
    "bulletinFamily": "",
    "cwe": [
        "CWE-200",
        "CWE-284"
    ],
    "cvelist": null,
    "sourceData": "Tenda AC9 15.03.05.14_multi",
    "sourceHref": "",
    "cvss": {
        "score": 6.9,
        "severity": "MEDIUM",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "AC9",
    "version": "15.03.05.14_multi",
    "vendor": "Tenda",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}