CVE-2026-6989

MEDIUM 6.3

Tenda F453 Telnet Service telnet TendaTelnet command injection

CVSS Score

6.3

EPSS Score

0.0%

EPSS Percentile

0th

A vulnerability has been found in Tenda F453 up to 1.0.0.3. Impacted is the function TendaTelnet of the file /goform/telnet of the component Telnet Service. Such manipulation leads to command injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

CWE	CWE-77 CWE-74
Vendor	tenda
Product	f453
Published	Apr 25, 2026

Stay Ahead of the Next One

Get instant alerts for tenda f453

Be the first to know when new medium vulnerabilities affecting tenda f453 are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

CVSS v3 Breakdown

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality

Integrity

Availability

Affected Versions

Tenda / F453

1.0.0.0 1.0.0.1 1.0.0.2 1.0.0.3

References

NVD ↗ CVE.org ↗ EPSS Data ↗

vuldb.com: https://vuldb.com/vuln/359541 vuldb.com: https://vuldb.com/vuln/359541/cti vuldb.com: https://vuldb.com/submit/796560 github.com: https://github.com/alc9700jmo/CVE/issues/24 tenda.com.cn: https://www.tenda.com.cn/

Credits

🔍 alc9700 (VulDB User)