Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

856 matches found

RedhatCVE
RedhatCVEadded 2026/06/09 8:59 p.m.6 views

CVE-2026-11528

A vulnerability was found in Tenda AC18 15.03.05.05. The affected element is the function sub45304 of the file /goform/getRebootStatus of the component Web Management Interface. The manipulation of the argument callback results in stack-based buffer overflow. The attack may be launched remotely...

9CVSS8.4AI score0.00466EPSS
Exploits0References1
NVD
NVDadded 2026/06/08 4:16 p.m.8 views

CVE-2026-11528

A vulnerability was found in Tenda AC18 15.03.05.05. The affected element is the function sub45304 of the file /goform/getRebootStatus of the component Web Management Interface. The manipulation of the argument callback results in stack-based buffer overflow. The attack may be launched remotely...

9CVSS0.00466EPSS
Exploits0References6
EUVD
EUVDadded 2026/06/08 3:15 p.m.8 views

EUVD-2026-35092

A vulnerability was found in Tenda AC18 15.03.05.05. The affected element is the function sub45304 of the file /goform/getRebootStatus of the component Web Management Interface. The manipulation of the argument callback results in stack-based buffer overflow. The attack may be launched remotely...

9CVSS6.2AI score0.00466EPSS
Exploits0References6
Cvelist
Cvelistadded 2026/06/08 3:15 p.m.36 views

CVE-2026-11528 Tenda AC18 Web Management getRebootStatus sub_45304 stack-based overflow

A vulnerability was found in Tenda AC18 15.03.05.05. The affected element is the function sub45304 of the file /goform/getRebootStatus of the component Web Management Interface. The manipulation of the argument callback results in stack-based buffer overflow. The attack may be launched remotely...

9CVSS0.00466EPSS
Exploits0References6
CVE
CVEadded 2026/06/08 3:15 p.m.15 views

CVE-2026-11528

CVE-2026-11528 affects Tenda AC18 with firmware 15.03.05.05. The vulnerability is in the Web Management Interface, specifically function sub_45304 in the /goform/getRebootStatus module, where manipulation of the callback argument causes a stack-based buffer overflow. This can be exploited remotel...

9CVSS6.2AI score0.00466EPSS
Exploits0References6
Vulnrichment
Vulnrichmentadded 2026/06/08 3:15 p.m.8 views

CVE-2026-11528 Tenda AC18 Web Management getRebootStatus sub_45304 stack-based overflow

A vulnerability was found in Tenda AC18 15.03.05.05. The affected element is the function sub45304 of the file /goform/getRebootStatus of the component Web Management Interface. The manipulation of the argument callback results in stack-based buffer overflow. The attack may be launched remotely...

9CVSS8.4AI score0.00466EPSS
Exploits0References6
Positive Technologies
Positive Technologiesadded 2026/06/08 12:0 a.m.10 views

PT-2026-47310

A vulnerability was found in Tenda AC18 15.03.05.05. The affected element is the function sub 45304 of the file /goform/getRebootStatus of the component Web Management Interface. The manipulation of the argument callback results in stack-based buffer overflow. The attack may be launched remotely...

9CVSS6.1AI score0.00466EPSS
Exploits0References7
RedhatCVE
RedhatCVEadded 2026/04/28 6:35 p.m.3 views

CVE-2026-31255

A command injection vulnerability exists in Tenda AC18 V15.03.05.05multi. The vulnerability is located in the /goform/SetSambaCfg interface, where improper handling of the guestuser parameter allows attackers to execute arbitrary system commands...

9.8CVSS5.8AI score0.01121EPSS
Exploits1References1
Vulnrichment
Vulnrichmentadded 2026/04/27 12:0 a.m.1 views

CVE-2026-31255

A command injection vulnerability exists in Tenda AC18 V15.03.05.05multi. The vulnerability is located in the /goform/SetSambaCfg interface, where improper handling of the guestuser parameter allows attackers to execute arbitrary system commands...

5.8AI score0.01121EPSS
Exploits1References1
CNNVD
CNNVDadded 2026/04/27 12:0 a.m.6 views

Tenda AC18 安全漏洞

The Tenda AC18 is a router produced by the Chinese company Tenda. The Tenda AC18 V15.03.05.05multi version has a security vulnerability. This vulnerability stems from the improper handling of the guestuser parameter in the /goform/SetSambaCfg interface, which may lead to command injection...

9.8CVSS5.8AI score0.01121EPSS
Exploits1References1
Cvelist
Cvelistadded 2026/04/27 12:0 a.m.30 views

CVE-2026-31255

A command injection vulnerability exists in Tenda AC18 V15.03.05.05multi. The vulnerability is located in the /goform/SetSambaCfg interface, where improper handling of the guestuser parameter allows attackers to execute arbitrary system commands...

0.01121EPSS
Exploits1References1
CVE
CVEadded 2026/04/27 12:0 a.m.12 views

CVE-2026-31255

Summary: CVE-2026-31255 concerns a command-injection vulnerability in the Tenda AC18 router. The flaw is located in the /goform/SetSambaCfg interface, where improper handling of the guestuser parameter allows an attacker to execute arbitrary system commands. The affected product/version is Tenda ...

9.8CVSS5.9AI score0.01121EPSS
Exploits1References1Affected Software1
Positive Technologies
Positive Technologiesadded 2026/04/27 12:0 a.m.5 views

PT-2026-35506

A command injection vulnerability exists in Tenda AC18 V15.03.05.05 multi. The vulnerability is located in the /goform/SetSambaCfg interface, where improper handling of the guestuser parameter allows attackers to execute arbitrary system commands...

5.9AI score0.01121EPSS
Exploits1References4
RedhatCVE
RedhatCVEadded 2026/01/09 10:57 a.m.4 views

CVE-2022-38309

Tenda AC18 router v15.03.05.19 and v15.03.05.05 was discovered to contain a stack overflow via the list parameter at /goform/SetVirtualServerCfg...

9.8CVSS7.8AI score0.00938EPSS
Exploits1References1
RedhatCVE
RedhatCVEadded 2026/01/09 10:57 a.m.4 views

CVE-2022-38310

Tenda AC18 router v15.03.05.19 and v15.03.05.05 was discovered to contain a stack overflow via the list parameter at /goform/SetStaticRouteCfg...

9.8CVSS7.8AI score0.00938EPSS
Exploits1References1
RedhatCVE
RedhatCVEadded 2026/01/09 10:57 a.m.3 views

CVE-2022-38314

Tenda AC18 router v15.03.05.19 and v15.03.05.05 was discovered to contain a stack overflow via the urls parameter at /goform/saveParentControlInfo...

9.8CVSS7.8AI score0.00938EPSS
Exploits1References1
RedhatCVE
RedhatCVEadded 2026/01/09 10:56 a.m.3 views

CVE-2022-38311

Tenda AC18 router v15.03.05.19 and v15.03.05.05 was discovered to contain a stack overflow via the time parameter at /goform/PowerSaveSet...

9.8CVSS7.8AI score0.00938EPSS
Exploits1References1
RedhatCVE
RedhatCVEadded 2026/01/09 10:55 a.m.15 views

CVE-2022-38326

Tenda AC15 WiFi Router V15.03.05.19multi and AC18 WiFi Router V15.03.05.19multi were discovered to contain a buffer overflow via the page parameter at /goform/NatStaticSetting...

9.8CVSS8AI score0.00928EPSS
Exploits1References1
RedhatCVE
RedhatCVEadded 2026/01/09 10:40 a.m.5 views

CVE-2022-35201

Tenda-AC18 V15.03.05.05 was discovered to contain a remote command execution RCE vulnerability...

9.8CVSS7.7AI score0.01811EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2026/01/09 9:48 a.m.9 views

CVE-2020-24987

Tenda AC18 Router through V15.03.05.05EN and through V15.03.05.196318 CN devices could cause a remote code execution due to incorrect authentication handling of vulnerable logincheck function in /usr/lib/lua/ngxauthserver/ngxwdas.lua file if the administrator UI Interface is set to "radius"...

9.8CVSS8.1AI score0.03104EPSS
Exploits0References1
Rows per page
Query Builder