CVE-2026-25857 · HIGH 8.8 · EPSS p84.7%

Description

Tenda G300-F router firmware versions 16.01.14.2 and prior contain an OS command injection vulnerability (CWE-78) in the WAN diagnostic functionality (formSetWanDiag). The implementation builds a shell command line that invokes curl and splices attacker-controlled request input into that command line without adequate neutralization of shell metacharacters. As a result, a remote attacker who can reach the affected management interface (the CVSS vector's PR:L, i.e. an authenticated low-privilege user, not an unauthenticated one) can inject additional shell syntax and execute arbitrary commands on the device with the privileges of the management process.
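The pattern the advisory describes, shown as an added example that is not Tenda's firmware code and not derived from it: a hypothetical diagnostic handler pastes a request-supplied target into a curl command line that is later handed to a shell (the CWE-78 shape), beside a hardened version that allow-lists the target and runs curl through execvp with an argv array so no shell ever parses the input. Function names, buffer sizes, the curl flags and the sample inputs are all assumptions made for the illustration.

```c
#include <ctype.h>
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>
#include <sys/wait.h>

/* Illustrative only: not Tenda's code. The function names, flags and
   inputs below are assumptions chosen to show the CWE-78 pattern. */

/* Vulnerable shape: the target string from the request becomes part of one
   command line, which a handler would then pass to system() or popen().
   Anything the shell understands (';', '|', '$(...)', backticks) survives. */
int build_diag_cmd_vulnerable(char *out, size_t outlen, const char *target)
{
    return snprintf(out, outlen, "curl -s -m 5 -o /dev/null %s", target);
}

/* Helper for demonstrating the problem: does the built command line still
   carry shell metacharacters from the untrusted target? */
bool vulnerable_cmd_has_shell_meta(const char *target)
{
    char cmd[512];
    build_diag_cmd_vulnerable(cmd, sizeof cmd, target);
    return strpbrk(cmd, ";|&`$(){}<>\n") != NULL;
}

/* Allow-list for a diagnostic target: only characters that can occur in a
   hostname or a dotted IPv4 literal, bounded length, no leading '-' (curl
   would otherwise read the value as an option). */
bool is_safe_diag_target(const char *target)
{
    size_t n = strlen(target);
    if (n == 0 || n > 253 || target[0] == '-')
        return false;
    for (size_t i = 0; i < n; i++) {
        unsigned char c = (unsigned char)target[i];
        if (!(isalnum(c) || c == '.' || c == '-'))
            return false;
    }
    return true;
}

/* Hardened shape: validate first, then exec curl directly with an argv
   array. No shell is involved, so metacharacters have no meaning, and "--"
   stops curl from treating the target as an option. Returns curl's exit
   status, or -1 if the input was rejected or the child could not be run. */
int run_diag_hardened(const char *target)
{
    if (!is_safe_diag_target(target))
        return -1;
    char *const argv[] = {"curl", "-s", "-m", "5", "-o", "/dev/null",
                          "--", (char *)target, NULL};
    pid_t pid = fork();
    if (pid < 0)
        return -1;
    if (pid == 0) {
        execvp(argv[0], argv);
        _exit(127);            /* only reached if exec itself failed */
    }
    int status = 0;
    if (waitpid(pid, &status, 0) < 0)
        return -1;
    return WIFEXITED(status) ? WEXITSTATUS(status) : -1;
}

int main(void)
{
    /* Constructed inputs: a benign host and one carrying shell syntax. */
    const char *benign = "example.com";
    const char *hostile = "example.com; id";
    char cmd[512];

    build_diag_cmd_vulnerable(cmd, sizeof cmd, hostile);
    printf("vulnerable command line: %s\n", cmd);
    printf("allow-list verdict for \"%s\": %s\n", benign,
           is_safe_diag_target(benign) ? "accept" : "reject");
    printf("allow-list verdict for \"%s\": %s\n", hostile,
           is_safe_diag_target(hostile) ? "accept" : "reject");
    printf("hardened run with hostile input returns %d (rejected)\n",
           run_diag_hardened(hostile));
    return 0;
}
```

The validator is deliberately narrower than what a URL could legally contain; for a diagnostic that only needs a host or IP, rejecting everything else is the right trade-off, and the execvp argv array is what actually removes the shell from the path. Validation alone, without dropping the shell, is the weaker fix.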

Scoring

CVSS 3.1: 8.8 (HIGH)
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS: 2.82% probability of exploitation · percentile 84.7% · 2026-06-18T12:00:27Z
Published: 2026-02-07
Last modified: 2026-03-05

Underlying weaknesses · 1

CWE-78

References

  1. https://blog.evan.lat/blog/cve-2026-25857/
  2. https://www.tendacn.com/material/show/736333682028613
  3. https://www.vulncheck.com/advisories/tenda-g300-f-command-injection-via-formsetwandiag

Type      Target                                                                                          Confidence  Tier
Weakness  Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection'), cwe-78   0%         live

Related by meaning · 6

Nearest entities by semantic similarity across the cs-graph corpus.

  1. CVE: CVE-2026-2137
  2. CVE: CVE-2026-3165
  3. CVE: CVE-2025-4357
  4. CVE: CVE-2026-6630
  5. CVE: CVE-2026-7102
  6. CVE: CVE-2025-46625
Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.