Unrated severityNVD Advisory· Published Nov 10, 2025· Updated Dec 1, 2025
CVE-2025-63834
CVE-2025-63834
Description
A stored cross-site scripting (XSS) vulnerability was discovered in Tenda AC18 v15.03.05.05_multi. The vulnerability exists in the ssid parameter of the wireless settings. Remote attackers can inject malicious payloads that execute when any user visits the router's homepage.
Affected products
2- Tenda/AC18description
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
1News mentions
0No linked articles in our index yet.