28 matches found
EUVD-2024-53632
Malicious code in bioql PyPI...
CVE-2025-57639
OS Command injection vulnerability in Tenda AC9 1.0 was discovered to contain a command injection vulnerability via the usb.samba.guest.user parameter in the formSetSambaConf function of the httpd file...
CVE-2025-57639
OS Command injection vulnerability in Tenda AC9 1.0 was discovered to contain a command injection vulnerability via the usb.samba.guest.user parameter in the formSetSambaConf function of the httpd file...
CVE-2025-57639
OS Command injection vulnerability in Tenda AC9 1.0 was discovered to contain a command injection vulnerability via the usb.samba.guest.user parameter in the formSetSambaConf function of the httpd file...
CVE-2025-57639
OS Command injection vulnerability in Tenda AC9 1.0 was discovered to contain a command injection vulnerability via the usb.samba.guest.user parameter in the formSetSambaConf function of the httpd file...
Tenda AC9 安全漏洞
Tenda AC9 is a wireless router from Tenda China. A security vulnerability exists in Tenda AC9 version 1.0, which originates from the improper handling of the usb.samba.guest.user parameter in the formSetSambaConf function in the httpd file, which may lead to OS command injection...
PT-2025-39198
Name of the Vulnerable Software and Affected Versions Tenda AC9 version 1.0 Description A command injection issue exists in Tenda AC9 version 1.0. The issue is due to a flaw in the formSetSambaConf function within the httpd file, specifically through the usb.samba.guest.user parameter. This allow...
CVE-2025-9813
A vulnerability was identified in Tenda CH22 1.0.0.1. This issue affects the function formSetSambaConf of the file /goform/SetSambaConf. The manipulation of the argument sambauserNameSda leads to buffer overflow. It is possible to initiate the attack remotely. The exploit is publicly available an...
CVE-2025-9813 Tenda CH22 SetSambaConf formSetSambaConf buffer overflow
A vulnerability was identified in Tenda CH22 1.0.0.1. This issue affects the function formSetSambaConf of the file /goform/SetSambaConf. The manipulation of the argument sambauserNameSda leads to buffer overflow. It is possible to initiate the attack remotely. The exploit is publicly available an...
CVE-2024-57583
Tenda AC18 V15.03.05.19 was discovered to contain a command injection vulnerability via the usbName parameter in the formSetSambaConf function...
The vulnerability of the formSetSambaConf() function in the Tenda AC9 router software allows a hacker to execute arbitrary code.
The vulnerability of the formSetSambaConf function in the Tenda AC9 router software is related to the lack of measures taken to clean data at the management level. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
CVE-2025-44877
Tenda AC9 V15.03.06.42multi was found to contain a command injection vulnerability in the formSetSambaConf function via the usbname parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request...
Tenda AC9 安全漏洞
Tenda AC9 is a wireless router from Tenda, a Chinese company. Tenda AC9 suffers from a command injection vulnerability, which arises from the formSetSambaConf function usbname parameter failing to correctly filter the construct command special characters, commands, etc. The vulnerability can be...
The vulnerability of the formSetSambaConf function in the Tenda AC18 router microprogramming system allows a attacker to execute arbitrary commands.
The vulnerability of the formSetSambaConf function in the Tenda AC18 router microprogramming system exists due to the lack of measures taken to neutralize special elements during the processing of the usbName parameter. Exploiting this vulnerability allows a remote attacker to execute arbitrary...
CVE-2024-57583
Tenda AC18 V15.03.05.19 was discovered to contain a command injection vulnerability via the usbName parameter in the formSetSambaConf function...
Tenda AC18 安全漏洞
The Tenda AC18 is a router from the Chinese company Tenda. Tenda AC18 version 15.03.05.19 suffers from a command injection vulnerability that stems from the usbName parameter of the formSetSambaConf function failing to correctly filter the constructor command special characters, commands, etc. Th...
PT-2025-3477 · Tenda · Tenda Ac18
Name of the Vulnerable Software and Affected Versions: Tenda AC18 version V15.03.05.19 Description: A command injection issue exists due to the lack of neutralization of special elements when processing the usbName parameter in the formSetSambaConf function. This allows a remote attacker to execu...
The vulnerability of the formSetSambaConf() function (/goform/setsambacfg) in the Tenda AC15 router microprogramming software allows a attacker to execute arbitrary commands.
The vulnerability of the formSetSambaConf function /goform/setsambacfg of the Tenda AC15 router software is related to the failure to take measures to neutralize special elements used in the OS command when processing the parameter usbName. Exploiting this vulnerability allows a remote attacker t...
The vulnerability of the formSetSambaConf() function (/goform/setsambacfg) in the Tenda AC18 router microprogramming software allows a attacker to execute arbitrary commands.
The vulnerability of the formSetSambaConf function /goform/setsambacfg of the Tenda AC18 router microprogramming system is related to the failure to take measures to neutralize special elements used in the OS command when processing the parameter usbName. Exploiting this vulnerability allows a...
Tenda AC15 formSetSambaConf Method Command Injection Vulnerability
Tenda AC15 is a dual-band wireless router launched by Shenzhen Jixiang Tenda Technology Co. in October 2015, which supports 802.11ac protocol with a theoretical transmission rate of 1900Mbps 600Mbps in 2.4GHz band and 1300Mbps in 5GHz band. The Tenda AC15 suffers from a command injection...