Tenda F453 Telnet Service telnet TendaTelnet command injection_CVE-2026-6989

5.3 / 10

MEDIUM

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P

Description

A vulnerability has been found in Tenda F453 up to 1.0.0.3. Impacted is the function TendaTelnet of the file /goform/telnet of the component Telnet Service. Such manipulation leads to command injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

Basic Information

ID CVE-2026-6989

Source VulDB

Published Apr 25, 2026 at 17:15

Affected Product

Vendor Tenda

Product F453

Version 1.0.0.0

Affected Versions Tenda F453 1.0.0.0
Tenda F453 1.0.0.1
Tenda F453 1.0.0.2
Tenda F453 1.0.0.3

CWE Classification

CWE-77 CWE-74

References

{
    "lastseen": "",
    "description": "A vulnerability has been found in Tenda F453 up to 1.0.0.3. Impacted is the function TendaTelnet of the file /goform/telnet of the component Telnet Service. Such manipulation leads to command injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.",
    "published": "2026-04-25T17:15:17.875Z",
    "modified": "2026-04-25T17:15:17.875Z",
    "type": "cve",
    "title": "Tenda F453 Telnet Service telnet TendaTelnet command injection",
    "source": "VulDB",
    "references": "https://vuldb.com/vuln/359541\nhttps://vuldb.com/vuln/359541/cti\nhttps://vuldb.com/submit/796560\nhttps://github.com/alc9700jmo/CVE/issues/24\nhttps://www.tenda.com.cn/",
    "id": "CVE-2026-6989",
    "bulletinFamily": "",
    "cwe": [
        "CWE-77",
        "CWE-74"
    ],
    "cvelist": null,
    "sourceData": "Tenda F453 1.0.0.0\nTenda F453 1.0.0.1\nTenda F453 1.0.0.2\nTenda F453 1.0.0.3",
    "sourceHref": "",
    "cvss": {
        "score": 5.3,
        "severity": "MEDIUM",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "F453",
    "version": "1.0.0.0",
    "vendor": "Tenda",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}