← Voltar para CVEs
CVE-2025-9828
LOW3.7
Descricao
A vulnerability was determined in Tenda CP6 11.10.00.243. The affected element is the function sub_2B7D04 of the component uhttp. Executing manipulation can lead to risky cryptographic algorithm. The attack may be launched remotely. This attack is characterized by high complexity. The exploitability is described as difficult. The exploit has been publicly disclosed and may be utilized.
Detalhes CVE
Pontuacao CVSS v3.13.7
SeveridadeLOW
Vetor CVSSCVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
Vetor de ataqueNETWORK
ComplexidadeHIGH
Privilegios necessariosNONE
Interacao do usuarioNONE
Publicado9/2/2025
Ultima modificacao4/29/2026
Fontenvd
Avistamentos honeypot0
Produtos afetados
tenda:cp6tenda:cp6_firmware
Fraquezas (CWE)
CWE-310CWE-327
Referencias
https://vuldb.com/?ctiid.322175(cna@vuldb.com)
https://vuldb.com/?id.322175(cna@vuldb.com)
https://vuldb.com/?submit.641566(cna@vuldb.com)
https://www.tenda.com.cn/(cna@vuldb.com)
Correlacoes IOC
Sem correlacoes registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.