CVE-2025-27129

{"id": "CVE-2025-27129", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "[email protected]", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 3.9}]}, "published": "2025-08-20T14:15:42.727", "references": [{"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2025-2165", "tags": ["Third Party Advisory"], "source": "[email protected]"}, {"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2025-2165", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Secondary", "source": "[email protected]", "description": [{"lang": "en", "value": "CWE-288"}]}], "descriptions": [{"lang": "en", "value": "An authentication bypass vulnerability exists in the HTTP authentication functionality of Tenda AC6 V5.0 V02.03.01.110. A specially crafted HTTP request can lead to arbitrary code execution. An attacker can send packets to trigger this vulnerability."}, {"lang": "es", "value": "Existe una vulnerabilidad de omisi\u00f3n de autenticaci\u00f3n en la funci\u00f3n de autenticaci\u00f3n HTTP de Tenda AC6 V5.0 V02.03.01.110. Una solicitud HTTP especialmente manipulada puede provocar la ejecuci\u00f3n de c\u00f3digo arbitrario. Un atacante puede enviar paquetes para activar esta vulnerabilidad."}], "lastModified": "2025-11-03T19:15:49.433", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:tenda:ac6_firmware:02.03.01.110:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FBBF7445-03C8-48EA-9DC3-BD4825E7CC0A"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:tenda:ac6:5.0:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "CFBE582F-BE50-4810-AAB2-B19F40693ACE"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "[email protected]"}