Lucene search
K

793 matches found

NVD
NVD
added 2026/07/01 7:16 p.m.7 views

CVE-2026-38142

An unauthenticated command injection vulnerability in the /goform/fastsettinginternetset endpoint of Tenda AC18 v15.03.05.05 allows attackers to execute arbitrary commands via a crafted payload injected into the mac parameter...

6.5CVSS0.00685EPSS
Exploits0References1
CVE
CVE
added 2026/07/01 12:0 a.m.9 views

CVE-2026-38142

CVE-2026-38142 describes an unauthenticated command-injection in the /goform/fast_setting_internet_set endpoint of Tenda AC18 v15.03.05.05, exploitable by injecting crafted payload into the mac parameter. The NVD/CVE listings confirm the vulnerability, with a CVSS 3.1 base score of 6.5 (Network, ...

6.5CVSS6.1AI score0.00685EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/09 8:59 p.m.10 views

CVE-2026-11528

A vulnerability was found in Tenda AC18 15.03.05.05. The affected element is the function sub45304 of the file /goform/getRebootStatus of the component Web Management Interface. The manipulation of the argument callback results in stack-based buffer overflow. The attack may be launched remotely...

9CVSS8.4AI score0.00466EPSS
Exploits0References1
NVD
NVD
added 2026/06/08 4:16 p.m.11 views

CVE-2026-11528

A vulnerability was found in Tenda AC18 15.03.05.05. The affected element is the function sub45304 of the file /goform/getRebootStatus of the component Web Management Interface. The manipulation of the argument callback results in stack-based buffer overflow. The attack may be launched remotely...

9CVSS0.00466EPSS
Exploits0References6
EUVD
EUVD
added 2026/06/08 3:15 p.m.12 views

EUVD-2026-35092

A vulnerability was found in Tenda AC18 15.03.05.05. The affected element is the function sub45304 of the file /goform/getRebootStatus of the component Web Management Interface. The manipulation of the argument callback results in stack-based buffer overflow. The attack may be launched remotely...

9CVSS6.2AI score0.00466EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2026/06/08 3:15 p.m.12 views

CVE-2026-11528 Tenda AC18 Web Management getRebootStatus sub_45304 stack-based overflow

A vulnerability was found in Tenda AC18 15.03.05.05. The affected element is the function sub45304 of the file /goform/getRebootStatus of the component Web Management Interface. The manipulation of the argument callback results in stack-based buffer overflow. The attack may be launched remotely...

9CVSS8.4AI score0.00466EPSS
Exploits0References6
CVE
CVE
added 2026/06/08 3:15 p.m.21 views

CVE-2026-11528

CVE-2026-11528 affects Tenda AC18 with firmware 15.03.05.05. The vulnerability is in the Web Management Interface, specifically function sub_45304 in the /goform/getRebootStatus module, where manipulation of the callback argument causes a stack-based buffer overflow. This can be exploited remotel...

9CVSS6.2AI score0.00466EPSS
Exploits0References6
Cvelist
Cvelist
added 2026/06/08 3:15 p.m.40 views

CVE-2026-11528 Tenda AC18 Web Management getRebootStatus sub_45304 stack-based overflow

A vulnerability was found in Tenda AC18 15.03.05.05. The affected element is the function sub45304 of the file /goform/getRebootStatus of the component Web Management Interface. The manipulation of the argument callback results in stack-based buffer overflow. The attack may be launched remotely...

9CVSS0.00466EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/06/08 12:0 a.m.19 views

PT-2026-47310

A vulnerability was found in Tenda AC18 15.03.05.05. The affected element is the function sub 45304 of the file /goform/getRebootStatus of the component Web Management Interface. The manipulation of the argument callback results in stack-based buffer overflow. The attack may be launched remotely...

9CVSS6.1AI score0.00466EPSS
Exploits0References7
RedhatCVE
RedhatCVE
added 2026/04/28 6:35 p.m.6 views

CVE-2026-31255

A command injection vulnerability exists in Tenda AC18 V15.03.05.05multi. The vulnerability is located in the /goform/SetSambaCfg interface, where improper handling of the guestuser parameter allows attackers to execute arbitrary system commands...

9.8CVSS5.8AI score0.01121EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2026/04/27 12:0 a.m.6 views

PT-2026-35506

A command injection vulnerability exists in Tenda AC18 V15.03.05.05 multi. The vulnerability is located in the /goform/SetSambaCfg interface, where improper handling of the guestuser parameter allows attackers to execute arbitrary system commands...

5.9AI score0.01121EPSS
Exploits1References4
CNNVD
CNNVD
added 2026/04/27 12:0 a.m.10 views

Tenda AC18 安全漏洞

The Tenda AC18 is a router produced by the Chinese company Tenda. The Tenda AC18 V15.03.05.05multi version has a security vulnerability. This vulnerability stems from the improper handling of the guestuser parameter in the /goform/SetSambaCfg interface, which may lead to command injection...

9.8CVSS5.8AI score0.01121EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2026/04/27 12:0 a.m.4 views

CVE-2026-31255

A command injection vulnerability exists in Tenda AC18 V15.03.05.05multi. The vulnerability is located in the /goform/SetSambaCfg interface, where improper handling of the guestuser parameter allows attackers to execute arbitrary system commands...

5.8AI score0.01121EPSS
Exploits1References1
CVE
CVE
added 2026/04/27 12:0 a.m.15 views

CVE-2026-31255

Summary: CVE-2026-31255 concerns a command-injection vulnerability in the Tenda AC18 router. The flaw is located in the /goform/SetSambaCfg interface, where improper handling of the guestuser parameter allows an attacker to execute arbitrary system commands. The affected product/version is Tenda ...

9.8CVSS5.9AI score0.01121EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2026/04/27 12:0 a.m.32 views

CVE-2026-31255

A command injection vulnerability exists in Tenda AC18 V15.03.05.05multi. The vulnerability is located in the /goform/SetSambaCfg interface, where improper handling of the guestuser parameter allows attackers to execute arbitrary system commands...

0.01121EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:57 a.m.5 views

CVE-2022-38309

Tenda AC18 router v15.03.05.19 and v15.03.05.05 was discovered to contain a stack overflow via the list parameter at /goform/SetVirtualServerCfg...

9.8CVSS7.8AI score0.00973EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:57 a.m.4 views

CVE-2022-38310

Tenda AC18 router v15.03.05.19 and v15.03.05.05 was discovered to contain a stack overflow via the list parameter at /goform/SetStaticRouteCfg...

9.8CVSS7.8AI score0.00973EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:57 a.m.4 views

CVE-2022-38314

Tenda AC18 router v15.03.05.19 and v15.03.05.05 was discovered to contain a stack overflow via the urls parameter at /goform/saveParentControlInfo...

9.8CVSS7.8AI score0.00973EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:56 a.m.4 views

CVE-2022-38311

Tenda AC18 router v15.03.05.19 and v15.03.05.05 was discovered to contain a stack overflow via the time parameter at /goform/PowerSaveSet...

9.8CVSS7.8AI score0.00973EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:55 a.m.18 views

CVE-2022-38326

Tenda AC15 WiFi Router V15.03.05.19multi and AC18 WiFi Router V15.03.05.19multi were discovered to contain a buffer overflow via the page parameter at /goform/NatStaticSetting...

9.8CVSS8AI score0.00938EPSS
Exploits1References1
Rows per page
Query Builder