CVE-2018-18728

2018-10-29T12:29:00
ID CVE-2018-18728
Type cve
Reporter cve@mitre.org
Modified 2019-10-03T00:03:00

Description

An issue was discovered on Tenda AC9 V15.03.05.19(6318)_CN, AC15 V15.03.05.19_CN, and AC18 V15.03.05.19(6318)_CN devices. They allow remote code execution via shell metacharacters in the usbName field to the __fastcall function with a POST request.