Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2025-57219

Incorrect access control in the endpoint /goform/ate of Tenda AC10 v4.0 firmware v16.03.10.09_multi_TDE01 allows attackers to escalate privileges or access sensitive components via a crafted request.

Published

2025-08-28T19:15:33.813

Last Modified

2025-09-03T16:11:12.023

Status

Analyzed

Source

[email protected]

Severity

CVSSv3.1: 5.3 (MEDIUM)

Weaknesses

Type: Secondary
CWE-284

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	tenda	ac10_firmware	16.03.10.09_multi_tde01	Yes
Hardware	tenda	ac10	4.0	No

References

https://plaid-knot-11b.notion.site/Unauthenticated-Remote-Access-to-ate-Debug-Interface-via-Improper-Access-Controls-in-Tenda-AC10-V4-23fb3e9cce328050a479e44a8c217a72?source=copy_link Third Party Advisory ([email protected])