Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

27 matches found

OSV
OSVadded 2022/02/18 6:15 p.m.1 views

CVE-2021-45401

A Command injection vulnerability exists in Tenda AC10U AC1200 Smart Dual-band Wireless Router AC10U V1.0 Firmware V15.03.06.49multi via the setUsbUnload functionality. The vulnerability is caused because the client controlled "deviceName" value is passed directly to the "doSystemCmd" function...

9.8CVSS5.9AI score0.02526EPSS
Exploits1References1
Prion
Prionadded 2022/02/18 6:15 p.m.15 views

Command injection

A Command injection vulnerability exists in Tenda AC10U AC1200 Smart Dual-band Wireless Router AC10U V1.0 Firmware V15.03.06.49multi via the setUsbUnload functionality. The vulnerability is caused because the client controlled "deviceName" value is passed directly to the "doSystemCmd" function...

7.5CVSS9.5AI score0.02526EPSS
Exploits1References1Affected Software1
CNNVD
CNNVDadded 2022/02/18 12:0 a.m.3 views

Tenda AC10 安全漏洞

The Tenda AC10U is a router designed with Gigabit ports on both WAN and LAN ports.A command injection vulnerability exists in the Tenda AC10U, which stems from the deviceName value of the client control being passed directly to the doSystemCmd function. An attacker could use this vulnerability to...

9.8CVSS6.2AI score0.02526EPSS
Exploits1References2
NVD
NVDadded 2021/04/16 12:15 a.m.12 views

CVE-2021-27692

Command Injection in Tenda G1 and G3 routers with firmware versions v15.11.0.179502CN or v15.11.0.169024CN allows remote attackers to execute arbitrary OS commands via a crafted "action/umountUSBPartition" request. This occurs because the "formSetUSBPartitionUmount" function executes the...

10CVSS0.03282EPSS
Exploits0References1
Prion
Prionadded 2021/04/16 12:15 a.m.14 views

Command injection

Command Injection in Tenda G1 and G3 routers with firmware versions v15.11.0.179502CN or v15.11.0.169024CN allows remote attackers to execute arbitrary OS commands via a crafted "action/umountUSBPartition" request. This occurs because the "formSetUSBPartitionUmount" function executes the...

10CVSS9.8AI score0.03282EPSS
Exploits0References1Affected Software2
OSV
OSVadded 2018/10/30 6:29 p.m.5 views

CVE-2018-14558

An issue was discovered on Tenda AC7 devices with firmware through V15.03.06.44CNAC7, AC9 devices with firmware through V15.03.05.196318CNAC9, and AC10 devices with firmware through V15.03.06.23CNAC10. A command Injection vulnerability allows attackers to execute arbitrary OS commands via a craft...

9.8CVSS6.1AI score0.08672EPSS
Exploits1References2
CNVD
CNVDadded 2018/09/04 12:0 a.m.2 views

Tenda AC9 and AC10 Operating System Command Injection Vulnerability

Tenda AC9 is a wireless router product from Tenda, a Chinese company. An operating system command injection vulnerability exists in Tenda AC9 version 15.03.05.196318CN and AC10 version 15.03.06.23CN and earlier versions, which originates from the 'mcc' parameter in a POST request being used...

9CVSS9.3AI score0.0362EPSS
Exploits1References1
Rows per page
Query Builder