130 matches found
CVE-2024-28545
CVE-2024-28545 describes a command injection vulnerability in the Tenda AC18 router (v15.03.05.05) where the flaw resides in the deviceName parameter of the formsetUsbUnload function. Connected sources consistently identify this issue for the affected device/model and root cause as a command inje...
CVE-2024-28545
Tenda AC18 V15.03.05.05 contains a command injection vulnerablility in the deviceName parameter of formsetUsbUnload function...
D-Link DAP-1325 SetAPLanSettings Stack Buffer Overflow Remote Code Execution Vulnerability
D-Link DAP-1325 is a wireless network extender made by D-Link, which is mainly used to extend the wireless network coverage, support the conversion of wired network and wireless network or connect to different wireless networks. The D-Link DAP-1325 suffers from a stack buffer overflow remote code...
The vulnerability of the setUsbUnload function in the microprogramming software for Tenda AC18 allows a hacker to trigger a service failure.
The vulnerability of the setUsbUnload function in the microprogramming software for Tenda AC18 routers is related to insufficient cleaning of input data during the processing of the deviceName parameter. Exploiting this vulnerability can allow a malicious actor to cause service failure remotely...
Tenda AC18 setUsbUnload Function Command Injection Vulnerability
Tenda AC18 is a dual-band wireless router launched by Shenzhen Jixiang Tenda Technology Co. in July 2016, mainly for villas and large home users. Tenda AC18 suffers from a command injection vulnerability, which stems from the existence of a command injection vulnerability via the deviceName...
CVE-2023-30135
Tenda AC18 v15.03.05.196318cn was discovered to contain a command injection vulnerability via the deviceName parameter in the setUsbUnload function...
CVE-2023-30135
Tenda AC18 v15.03.05.196318cn was discovered to contain a command injection vulnerability via the deviceName parameter in the setUsbUnload function...
Command injection
Tenda AC18 v15.03.05.196318cn was discovered to contain a command injection vulnerability via the deviceName parameter in the setUsbUnload function...
CVE-2023-30135
Tenda AC18 v15.03.05.196318cn was discovered to contain a command injection vulnerability via the deviceName parameter in the setUsbUnload function...
Tenda AC18 命令注入漏洞
Tenda AC18 is a dual-band wireless router launched by Shenzhen Jixiang Tenda Technology Co. in July 2016, mainly for villas and large home users. Tenda AC18 suffers from a command injection vulnerability, which stems from the existence of a command injection vulnerability via the deviceName...
CVE-2023-30135
The CVE-2023-30135 issue affects Tenda AC18 firmware v15.03.05.19(6318 ) cn, with a command injection vulnerability exposed via the deviceName parameter in the setUsbUnload function. The root cause is insufficient input validation in that function, allowing an attacker to inject commands over the...
CVE-2023-30135
Tenda AC18 v15.03.05.196318cn was discovered to contain a command injection vulnerability via the deviceName parameter in the setUsbUnload function...
TOTOLINK EX1200T Command Injection Vulnerability (CNVD-2022-53572)
TOTOLINK EX1200T is a Wi-Fi range extender from China-based TOTOLINK, and a command injection vulnerability exists in TOTOLINK EX1200T. deviceName to conduct attacks...
CVE-2021-42885
TOTOLINK EX1200T V4.1.2cu.5215 contains a remote command injection vulnerability in function setDeviceMac of the file global.so which can control deviceName to attack...
Command injection
TOTOLINK EX1200T V4.1.2cu.5215 contains a remote command injection vulnerability in function setDeviceMac of the file global.so which can control deviceName to attack...
Command injection
TOTOLINK EX1200T V4.1.2cu.5215 contains a remote command injection vulnerability in function setDeviceName of the file global.so which can control thedeviceName to attack...
CVE-2021-42885
TOTOLINK EX1200T V4.1.2cu.5215 contains a remote command injection vulnerability in function setDeviceMac of the file global.so which can control deviceName to attack...
TOTOLINK EX1200T 操作系统命令注入漏洞
TOTOLINK EX1200T is a Wi-Fi range extender from China-based TOTOLINK, and a command injection vulnerability exists in TOTOLINK EX1200T. deviceName to conduct attacks...
TOTOLINK N600R Command Injection Vulnerability (CNVD-2022-53553)
TOTOLINK N600R is a wireless router from Taiwan-based TOTOLINK, which is vulnerable to a command injection attack via the devicename parameter in /etting/setDeviceName...
CVE-2022-29329
D-Link DAP-1330OSS-firmware1.00b21 was discovered to contain a heap overflow via the devicename parameter in /goform/setDeviceSettings...