86 matches found
CVE-2023-30135
Tenda AC18 v15.03.05.196318cn was discovered to contain a command injection vulnerability via the deviceName parameter in the setUsbUnload function...
CVE-2022-28910
TOTOLink N600R V5.3c.7159B20190425 was discovered to contain a command injection vulnerability via the devicename parameter in /setting/setDeviceName...
CVE-2025-44872
Tenda AC9 V15.03.06.42multi was found to contain a command injection vulnerability in the formsetUsbUnload function via the deviceName parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request...
CVE-2025-44872
Tenda AC9 V15.03.06.42multi was found to contain a command injection vulnerability in the formsetUsbUnload function via the deviceName parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request...
CVE-2025-44872
Tenda AC9 V15.03.06.42multi was found to contain a command injection vulnerability in the formsetUsbUnload function via the deviceName parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request...
CVE-2025-44872
CVE-2025-44872 affects the Tenda AC9 router (version 15.03.06.42_multi). A command injection flaw exists in the formsetUsbUnload function via the deviceName parameter, allowing an attacker to execute arbitrary commands through a crafted request. Reported impact is high (CVE CVSS v3.1: AV:N/AC:L/P...
Netgear DC112A deviceName Command Injection Vulnerability
The Netgear DC112A is a wireless router. The Netgear DC112A suffers from a command injection vulnerability that originates in the usbadv.cgi handling of the deviceName parameter, which can be exploited by an attacker to submit a special request and execute arbitrary commands...
CVE-2025-28219
Netgear DC112A V1.0.0.64 has an OS command injection vulnerability in the usbadv.cgi, which allows remote attackers to execute arbitrary commands via parameter "deviceName" passed to the binary through a POST request...
NETGEAR DC112A 安全漏洞
The Netgear DC112A is a wireless router. The Netgear DC112A suffers from a command injection vulnerability that originates in the usbadv.cgi handling of the deviceName parameter, which can be exploited by an attacker to submit a special request and execute arbitrary commands...
PT-2024-38136 · Totolink · Totolink A3600R
Name of the Vulnerable Software and Affected Versions: TOTOLINK A3600R version 4.1.2cu.5182 B20201102 Description: A critical issue was found in the setdeviceName function of the /cgi-bin/cstecgi.cgi file, where manipulation of the deviceMac/deviceName argument leads to buffer overflow. This can ...
CVE-2024-30645
Tenda AC15V1.0 V15.03.20multi has a command injection vulnerability via the deviceName parameter...
CVE-2024-30645
Tenda AC15V1.0 V15.03.20multi has a command injection vulnerability via the deviceName parameter...
PT-2024-23542 · Tenda · Tenda Ac15
Name of the Vulnerable Software and Affected Versions: Tenda AC15V1.0 version V15.03.20 multi Description: The issue is related to a command injection vulnerability. This vulnerability can be exploited via the deviceName parameter. Recommendations: For Tenda AC15V1.0 version V15.03.20 multi, avoi...
CVE-2024-30645
CVE-2024-30645 affects Tenda AC15V1.0 V15.03.20_multi. The vulnerability is a command injection via the deviceName parameter. CVSS v3.1 vector: AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H, base score 8.0 (HIGH). Potential impact includes confidentiality, integrity, and availability. Exploitation status i...
Tenda AC15 安全漏洞
The Tenda AC15 is a wireless router from the Chinese company Tenda. A security vulnerability exists in Tenda AC15 version V15.03.20multi, which is caused by a command injection vulnerability in the deviceName parameter...
CVE-2024-30645
Tenda AC15V1.0 V15.03.20multi has a command injection vulnerability via the deviceName parameter...
CVE-2024-30593
Tenda FH1202 v1.2.0.14408 has a stack overflow vulnerability located in the deviceName parameter of the formSetDeviceName function...
CVE-2024-30593
Tenda FH1202 v1.2.0.14408 has a stack overflow vulnerability located in the deviceName parameter of the formSetDeviceName function...
CVE-2024-30593
The CVE-2024-30593 entry refers to a stack overflow in the Tenda FH1202 v1.2.0.14(408) where the deviceName parameter of the formSetDeviceName function can be overflowed. Public sources in the Connected documents confirm the vulnerability exists in the deviceName handling, with some references no...
Tenda AC18 formsetUsbUnload Method Command Injection Vulnerability
Tenda AC18 is a dual-band wireless router launched by Shenzhen Jixiang Tenda Technology Co. in July 2016, mainly for villas and large home users. Tenda AC18 suffers from a command injection vulnerability, which stems from a command injection vulnerability in the deviceName parameter of the...