Lucene search
K

86 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 3:42 a.m.6 views

CVE-2023-30135

Tenda AC18 v15.03.05.196318cn was discovered to contain a command injection vulnerability via the deviceName parameter in the setUsbUnload function...

9.8CVSS8AI score0.02426EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:43 p.m.14 views

CVE-2022-28910

TOTOLink N600R V5.3c.7159B20190425 was discovered to contain a command injection vulnerability via the devicename parameter in /setting/setDeviceName...

10CVSS7.9AI score0.02463EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/04 12:7 a.m.20 views

CVE-2025-44872

Tenda AC9 V15.03.06.42multi was found to contain a command injection vulnerability in the formsetUsbUnload function via the deviceName parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request...

9.8CVSS8.3AI score0.01974EPSS
Exploits1References1
NVD
NVD
added 2025/05/02 3:15 p.m.8 views

CVE-2025-44872

Tenda AC9 V15.03.06.42multi was found to contain a command injection vulnerability in the formsetUsbUnload function via the deviceName parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request...

9.8CVSS0.01974EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2025/05/02 12:0 a.m.7 views

CVE-2025-44872

Tenda AC9 V15.03.06.42multi was found to contain a command injection vulnerability in the formsetUsbUnload function via the deviceName parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request...

8.2AI score0.01974EPSS
Exploits1References1
CVE
CVE
added 2025/05/02 12:0 a.m.59 views

CVE-2025-44872

CVE-2025-44872 affects the Tenda AC9 router (version 15.03.06.42_multi). A command injection flaw exists in the formsetUsbUnload function via the deviceName parameter, allowing an attacker to execute arbitrary commands through a crafted request. Reported impact is high (CVE CVSS v3.1: AV:N/AC:L/P...

9.8CVSS8AI score0.01974EPSS
Exploits1References1Affected Software1
CNVD
CNVD
added 2025/03/31 12:0 a.m.3 views

Netgear DC112A deviceName Command Injection Vulnerability

The Netgear DC112A is a wireless router. The Netgear DC112A suffers from a command injection vulnerability that originates in the usbadv.cgi handling of the deviceName parameter, which can be exploited by an attacker to submit a special request and execute arbitrary commands...

9.8CVSS8.1AI score0.11622EPSS
Exploits0References1
OSV
OSV
added 2025/03/28 2:15 p.m.5 views

CVE-2025-28219

Netgear DC112A V1.0.0.64 has an OS command injection vulnerability in the usbadv.cgi, which allows remote attackers to execute arbitrary commands via parameter "deviceName" passed to the binary through a POST request...

9.8CVSS6.1AI score0.11622EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/03/28 12:0 a.m.4 views

NETGEAR DC112A 安全漏洞

The Netgear DC112A is a wireless router. The Netgear DC112A suffers from a command injection vulnerability that originates in the usbadv.cgi handling of the deviceName parameter, which can be exploited by an attacker to submit a special request and execute arbitrary commands...

9.8CVSS7.9AI score0.11622EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/07/29 12:0 a.m.6 views

PT-2024-38136 · Totolink · Totolink A3600R

Name of the Vulnerable Software and Affected Versions: TOTOLINK A3600R version 4.1.2cu.5182 B20201102 Description: A critical issue was found in the setdeviceName function of the /cgi-bin/cstecgi.cgi file, where manipulation of the deviceMac/deviceName argument leads to buffer overflow. This can ...

9CVSS8.8AI score0.0118EPSS
Exploits1References8
OSV
OSV
added 2024/03/29 4:15 p.m.4 views

CVE-2024-30645

Tenda AC15V1.0 V15.03.20multi has a command injection vulnerability via the deviceName parameter...

8CVSS5.8AI score0.01049EPSS
Exploits0References1
NVD
NVD
added 2024/03/29 4:15 p.m.26 views

CVE-2024-30645

Tenda AC15V1.0 V15.03.20multi has a command injection vulnerability via the deviceName parameter...

8CVSS7.2AI score0.01049EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/03/29 12:0 a.m.4 views

PT-2024-23542 · Tenda · Tenda Ac15

Name of the Vulnerable Software and Affected Versions: Tenda AC15V1.0 version V15.03.20 multi Description: The issue is related to a command injection vulnerability. This vulnerability can be exploited via the deviceName parameter. Recommendations: For Tenda AC15V1.0 version V15.03.20 multi, avoi...

8CVSS7.4AI score0.01049EPSS
Exploits0References3
CVE
CVE
added 2024/03/29 12:0 a.m.70 views

CVE-2024-30645

CVE-2024-30645 affects Tenda AC15V1.0 V15.03.20_multi. The vulnerability is a command injection via the deviceName parameter. CVSS v3.1 vector: AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H, base score 8.0 (HIGH). Potential impact includes confidentiality, integrity, and availability. Exploitation status i...

8CVSS7.5AI score0.01049EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2024/03/29 12:0 a.m.3 views

Tenda AC15 安全漏洞

The Tenda AC15 is a wireless router from the Chinese company Tenda. A security vulnerability exists in Tenda AC15 version V15.03.20multi, which is caused by a command injection vulnerability in the deviceName parameter...

8CVSS7.7AI score0.01049EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/03/29 12:0 a.m.17 views

CVE-2024-30645

Tenda AC15V1.0 V15.03.20multi has a command injection vulnerability via the deviceName parameter...

7.5AI score0.01049EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/03/28 12:0 a.m.10 views

CVE-2024-30593

Tenda FH1202 v1.2.0.14408 has a stack overflow vulnerability located in the deviceName parameter of the formSetDeviceName function...

7.2AI score0.00807EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2024/03/28 12:0 a.m.17 views

CVE-2024-30593

Tenda FH1202 v1.2.0.14408 has a stack overflow vulnerability located in the deviceName parameter of the formSetDeviceName function...

7.3AI score0.00807EPSS
Exploits1References1
CVE
CVE
added 2024/03/28 12:0 a.m.87 views

CVE-2024-30593

The CVE-2024-30593 entry refers to a stack overflow in the Tenda FH1202 v1.2.0.14(408) where the deviceName parameter of the formSetDeviceName function can be overflowed. Public sources in the Connected documents confirm the vulnerability exists in the deviceName handling, with some references no...

9.8CVSS7.3AI score0.00807EPSS
Exploits1References1Affected Software1
CNVD
CNVD
added 2024/03/27 12:0 a.m.2 views

Tenda AC18 formsetUsbUnload Method Command Injection Vulnerability

Tenda AC18 is a dual-band wireless router launched by Shenzhen Jixiang Tenda Technology Co. in July 2016, mainly for villas and large home users. Tenda AC18 suffers from a command injection vulnerability, which stems from a command injection vulnerability in the deviceName parameter of the...

9.8CVSS7.9AI score0.02302EPSS
Exploits1References1
Rows per page
Query Builder