Unrated severityNVD Advisory· Published Nov 10, 2025· Updated Dec 1, 2025
CVE-2025-63834
CVE-2025-63834
Description
A stored cross-site scripting (XSS) vulnerability was discovered in Tenda AC18 v15.03.05.05_multi. The vulnerability exists in the ssid parameter of the wireless settings. Remote attackers can inject malicious payloads that execute when any user visits the router's homepage.
Affected products
2Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.