Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

86 matches found

OSV
OSVadded 2024/03/26 9:15 p.m.2 views

CVE-2024-28545

Tenda AC18 V15.03.05.05 contains a command injection vulnerablility in the deviceName parameter of formsetUsbUnload function...

9.8CVSS5.8AI score0.02302EPSS
Exploits1References1
NVD
NVDadded 2024/03/26 9:15 p.m.11 views

CVE-2024-28545

Tenda AC18 V15.03.05.05 contains a command injection vulnerablility in the deviceName parameter of formsetUsbUnload function...

9.8CVSS7.1AI score0.02302EPSS
Exploits1References1
Vulnrichment
Vulnrichmentadded 2024/03/26 12:0 a.m.13 views

CVE-2024-28545

Tenda AC18 V15.03.05.05 contains a command injection vulnerablility in the deviceName parameter of formsetUsbUnload function...

7.7AI score0.02302EPSS
Exploits1References1
Positive Technologies
Positive Technologiesadded 2024/03/26 12:0 a.m.2 views

PT-2024-22454 · Tenda · Tenda Ac18

Name of the Vulnerable Software and Affected Versions: Tenda AC18 version 15.03.05.05 Description: The issue concerns a command injection vulnerability. It is located in the deviceName parameter of the formsetUsbUnload function. Recommendations: For Tenda AC18 version 15.03.05.05, consider...

9.8CVSS7.4AI score0.02302EPSS
Exploits1References4
CNNVD
CNNVDadded 2024/03/26 12:0 a.m.2 views

Tenda AC18 安全漏洞

Tenda AC18 is a dual-band wireless router launched by Shenzhen Jixiang Tenda Technology Co. in July 2016, mainly for villas and large home users. Tenda AC18 suffers from a command injection vulnerability, which stems from a command injection vulnerability in the deviceName parameter of the...

9.8CVSS7.8AI score0.02302EPSS
Exploits1References2
Cvelist
Cvelistadded 2024/03/26 12:0 a.m.19 views

CVE-2024-28545

Tenda AC18 V15.03.05.05 contains a command injection vulnerablility in the deviceName parameter of formsetUsbUnload function...

7.4AI score0.02302EPSS
Exploits1References1
CVE
CVEadded 2024/03/26 12:0 a.m.63 views

CVE-2024-28545

CVE-2024-28545 describes a command injection vulnerability in the Tenda AC18 router (v15.03.05.05) where the flaw resides in the deviceName parameter of the formsetUsbUnload function. Connected sources consistently identify this issue for the affected device/model and root cause as a command inje...

9.8CVSS7.4AI score0.02302EPSS
Exploits1References1Affected Software1
CNVD
CNVDadded 2023/05/08 12:0 a.m.1 views

Tenda AC18 setUsbUnload Function Command Injection Vulnerability

Tenda AC18 is a dual-band wireless router launched by Shenzhen Jixiang Tenda Technology Co. in July 2016, mainly for villas and large home users. Tenda AC18 suffers from a command injection vulnerability, which stems from the existence of a command injection vulnerability via the deviceName...

9.8CVSS8.3AI score0.02426EPSS
Exploits1References1
OSV
OSVadded 2023/05/05 2:15 a.m.1 views

CVE-2023-30135

Tenda AC18 v15.03.05.196318cn was discovered to contain a command injection vulnerability via the deviceName parameter in the setUsbUnload function...

9.8CVSS7.4AI score0.02426EPSS
Exploits1References1
NVD
NVDadded 2023/05/05 2:15 a.m.12 views

CVE-2023-30135

Tenda AC18 v15.03.05.196318cn was discovered to contain a command injection vulnerability via the deviceName parameter in the setUsbUnload function...

9.8CVSS9.8AI score0.02426EPSS
Exploits1References1
Prion
Prionadded 2023/05/05 2:15 a.m.19 views

Command injection

Tenda AC18 v15.03.05.196318cn was discovered to contain a command injection vulnerability via the deviceName parameter in the setUsbUnload function...

7.5CVSS9.8AI score0.02426EPSS
Exploits1References1Affected Software1
CNNVD
CNNVDadded 2023/05/05 12:0 a.m.3 views

Tenda AC18 命令注入漏洞

Tenda AC18 is a dual-band wireless router launched by Shenzhen Jixiang Tenda Technology Co. in July 2016, mainly for villas and large home users. Tenda AC18 suffers from a command injection vulnerability, which stems from the existence of a command injection vulnerability via the deviceName...

9.8CVSS8.2AI score0.02426EPSS
Exploits1References2
Vulnrichment
Vulnrichmentadded 2023/05/05 12:0 a.m.7 views

CVE-2023-30135

Tenda AC18 v15.03.05.196318cn was discovered to contain a command injection vulnerability via the deviceName parameter in the setUsbUnload function...

9.8AI score0.02426EPSS
Exploits1References1
CVE
CVEadded 2023/05/05 12:0 a.m.69 views

CVE-2023-30135

The CVE-2023-30135 issue affects Tenda AC18 firmware v15.03.05.19(6318 ) cn, with a command injection vulnerability exposed via the deviceName parameter in the setUsbUnload function. The root cause is insufficient input validation in that function, allowing an attacker to inject commands over the...

9.8CVSS9.7AI score0.02426EPSS
Exploits1References1Affected Software1
Cvelist
Cvelistadded 2023/05/05 12:0 a.m.20 views

CVE-2023-30135

Tenda AC18 v15.03.05.196318cn was discovered to contain a command injection vulnerability via the deviceName parameter in the setUsbUnload function...

10AI score0.02426EPSS
Exploits1References1
CNVD
CNVDadded 2022/05/12 12:0 a.m.34 views

TOTOLINK N600R Command Injection Vulnerability (CNVD-2022-53553)

TOTOLINK N600R is a wireless router from Taiwan-based TOTOLINK, which is vulnerable to a command injection attack via the devicename parameter in /etting/setDeviceName...

10CVSS3.9AI score0.02463EPSS
Exploits1References1
ATTACKERKB
ATTACKERKBadded 2022/05/10 2:15 p.m.2 views

CVE-2022-28910

TOTOLink N600R V5.3c.7159B20190425 was discovered to contain a command injection vulnerability via the devicename parameter in /setting/setDeviceName...

10CVSS5.9AI score0.02463EPSS
Exploits1References2
OSV
OSVadded 2022/05/10 2:15 p.m.1 views

CVE-2022-28910

TOTOLink N600R V5.3c.7159B20190425 was discovered to contain a command injection vulnerability via the devicename parameter in /setting/setDeviceName...

9.8CVSS7.3AI score0.02463EPSS
Exploits1References1
NVD
NVDadded 2022/05/10 2:15 p.m.16 views

CVE-2022-29329

D-Link DAP-1330OSS-firmware1.00b21 was discovered to contain a heap overflow via the devicename parameter in /goform/setDeviceSettings...

10CVSS0.13319EPSS
Exploits1References2
ATTACKERKB
ATTACKERKBadded 2022/05/10 2:15 p.m.1 views

CVE-2022-29329

D-Link DAP-1330OSS-firmware1.00b21 was discovered to contain a heap overflow via the devicename parameter in /goform/setDeviceSettings...

10CVSS5.9AI score0.13319EPSS
Exploits1References3
Rows per page
Query Builder