CVE-2026-5547: Tenda AC10 Command Injection - 6.3
Platform
linux
Component
tenda
CVE-2026-5547 describes a command injection vulnerability discovered in the Tenda AC10 router, specifically affecting version 16.03.10.10_multi_TDE01. This flaw allows an attacker to execute arbitrary operating system commands on the device, potentially leading to unauthorized access and control. The vulnerability resides within the formAddMacfilterRule function of the /bin/httpd file, making it remotely exploitable. A fix is available, and users are advised to update their devices.
How to fix
Actualice el firmware del dispositivo Tenda AC10 a una versión corregida por el fabricante. Consulte el sitio web de soporte de Tenda para obtener las últimas actualizaciones de firmware y siga las instrucciones proporcionadas para una instalación segura.
Frequently asked questions
What is CVE-2026-5547?
CVE-2026-5547 is a command injection vulnerability affecting the Tenda AC10 router (version 16.03.10.10_multi_TDE01). It allows attackers to execute commands on the router remotely.
Am I affected by CVE-2026-5547?
You are likely affected if you are using a Tenda AC10 router running version 16.03.10.10_multi_TDE01. Check your router's firmware version to confirm.
How do I fix CVE-2026-5547?
Update your Tenda AC10 router to a patched firmware version. Refer to Tenda's official website or support channels for the latest firmware updates.
Monitor your dependencies automatically
Get notified when new vulnerabilities affect your projects. Free forever.
Start free