Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

24 matches found

EUVD
EUVDadded 2025/10/03 8:7 p.m.1 views

EUVD-2024-53632

Malicious code in bioql PyPI...

9.8CVSS9.1AI score0.0225EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2025/09/25 2:54 a.m.3 views

CVE-2025-57639

OS Command injection vulnerability in Tenda AC9 1.0 was discovered to contain a command injection vulnerability via the usb.samba.guest.user parameter in the formSetSambaConf function of the httpd file...

6.5CVSS8.3AI score0.03311EPSS
Exploits1References1
NVD
NVDadded 2025/09/23 6:15 p.m.2 views

CVE-2025-57639

OS Command injection vulnerability in Tenda AC9 1.0 was discovered to contain a command injection vulnerability via the usb.samba.guest.user parameter in the formSetSambaConf function of the httpd file...

6.5CVSS0.03311EPSS
Exploits1References1
Vulnrichment
Vulnrichmentadded 2025/09/23 12:0 a.m.3 views

CVE-2025-57639

OS Command injection vulnerability in Tenda AC9 1.0 was discovered to contain a command injection vulnerability via the usb.samba.guest.user parameter in the formSetSambaConf function of the httpd file...

7.9AI score0.03311EPSS
Exploits1References1
Positive Technologies
Positive Technologiesadded 2025/09/23 12:0 a.m.2 views

PT-2025-39198

Name of the Vulnerable Software and Affected Versions Tenda AC9 version 1.0 Description A command injection issue exists in Tenda AC9 version 1.0. The issue is due to a flaw in the formSetSambaConf function within the httpd file, specifically through the usb.samba.guest.user parameter. This allow...

6.5CVSS7.3AI score0.03311EPSS
Exploits1References6
CNNVD
CNNVDadded 2025/09/23 12:0 a.m.2 views

Tenda AC9 安全漏洞

Tenda AC9 is a wireless router from Tenda China. A security vulnerability exists in Tenda AC9 version 1.0, which originates from the improper handling of the usb.samba.guest.user parameter in the formSetSambaConf function in the httpd file, which may lead to OS command injection...

6.5CVSS7.1AI score0.03311EPSS
Exploits1References1
Cvelist
Cvelistadded 2025/09/23 12:0 a.m.5 views

CVE-2025-57639

OS Command injection vulnerability in Tenda AC9 1.0 was discovered to contain a command injection vulnerability via the usb.samba.guest.user parameter in the formSetSambaConf function of the httpd file...

0.03311EPSS
Exploits1References1
NVD
NVDadded 2025/09/02 5:15 a.m.4 views

CVE-2025-9813

A vulnerability was identified in Tenda CH22 1.0.0.1. This issue affects the function formSetSambaConf of the file /goform/SetSambaConf. The manipulation of the argument sambauserNameSda leads to buffer overflow. It is possible to initiate the attack remotely. The exploit is publicly available an...

9CVSS0.00464EPSS
Exploits0References5
Vulnrichment
Vulnrichmentadded 2025/09/02 4:2 a.m.3 views

CVE-2025-9813 Tenda CH22 SetSambaConf formSetSambaConf buffer overflow

A vulnerability was identified in Tenda CH22 1.0.0.1. This issue affects the function formSetSambaConf of the file /goform/SetSambaConf. The manipulation of the argument sambauserNameSda leads to buffer overflow. It is possible to initiate the attack remotely. The exploit is publicly available an...

9CVSS8.9AI score0.00464EPSS
Exploits0References5
RedhatCVE
RedhatCVEadded 2025/05/23 7:28 a.m.4 views

CVE-2024-57583

Tenda AC18 V15.03.05.19 was discovered to contain a command injection vulnerability via the usbName parameter in the formSetSambaConf function...

9.8CVSS7.9AI score0.0225EPSS
Exploits0References1
OSV
OSVadded 2025/05/02 3:15 p.m.1 views

CVE-2025-44877

Tenda AC9 V15.03.06.42multi was found to contain a command injection vulnerability in the formSetSambaConf function via the usbname parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request...

9.8CVSS6.1AI score
Exploits0References1
CNNVD
CNNVDadded 2025/05/02 12:0 a.m.1 views

Tenda AC9 安全漏洞

Tenda AC9 is a wireless router from Tenda, a Chinese company. Tenda AC9 suffers from a command injection vulnerability, which arises from the formSetSambaConf function usbname parameter failing to correctly filter the construct command special characters, commands, etc. The vulnerability can be...

9.8CVSS8.1AI score0.13955EPSS
Exploits1References2
OSV
OSVadded 2025/01/16 9:15 p.m.0 views

CVE-2024-57583

Tenda AC18 V15.03.05.19 was discovered to contain a command injection vulnerability via the usbName parameter in the formSetSambaConf function...

9.8CVSS5.8AI score
Exploits0References1
CNNVD
CNNVDadded 2025/01/16 12:0 a.m.1 views

Tenda AC18 安全漏洞

The Tenda AC18 is a router from the Chinese company Tenda. Tenda AC18 version 15.03.05.19 suffers from a command injection vulnerability that stems from the usbName parameter of the formSetSambaConf function failing to correctly filter the constructor command special characters, commands, etc. Th...

9.8CVSS8AI score0.0225EPSS
Exploits0References1
Positive Technologies
Positive Technologiesadded 2024/12/28 12:0 a.m.2 views

PT-2025-3477 · Tenda · Tenda Ac18

Name of the Vulnerable Software and Affected Versions: Tenda AC18 version V15.03.05.19 Description: A command injection issue exists due to the lack of neutralization of special elements when processing the usbName parameter in the formSetSambaConf function. This allows a remote attacker to execu...

9.8CVSS8.4AI score0.0225EPSS
Exploits0References5
CNVD
CNVDadded 2024/03/26 12:0 a.m.1 views

Tenda AC15 formSetSambaConf Method Command Injection Vulnerability

Tenda AC15 is a dual-band wireless router launched by Shenzhen Jixiang Tenda Technology Co. in October 2015, which supports 802.11ac protocol with a theoretical transmission rate of 1900Mbps 600Mbps in 2.4GHz band and 1300Mbps in 5GHz band. The Tenda AC15 suffers from a command injection...

9.8CVSS7.8AI score0.0141EPSS
Exploits1References1
Cvelist
Cvelistadded 2024/03/24 5:31 a.m.15 views

CVE-2024-2854 Tenda AC18 setsambacfg formSetSambaConf os command injection

A vulnerability classified as critical has been found in Tenda AC18 15.03.05.05. Affected is the function formSetSambaConf of the file /goform/setsambacfg. The manipulation of the argument usbName leads to os command injection. It is possible to launch the attack remotely. The exploit has been...

6.5CVSS10AI score0.01532EPSS
Exploits1References3
Vulnrichment
Vulnrichmentadded 2024/03/24 5:31 a.m.17 views

CVE-2024-2854 Tenda AC18 setsambacfg formSetSambaConf os command injection

A vulnerability classified as critical has been found in Tenda AC18 15.03.05.05. Affected is the function formSetSambaConf of the file /goform/setsambacfg. The manipulation of the argument usbName leads to os command injection. It is possible to launch the attack remotely. The exploit has been...

6.5CVSS7.4AI score0.01532EPSS
Exploits1References3
Vulnrichment
Vulnrichmentadded 2024/03/24 5:0 a.m.13 views

CVE-2024-2853 Tenda AC10U setsambacfg formSetSambaConf os command injection

A vulnerability was found in Tenda AC10U 15.03.06.48/15.03.06.49. It has been rated as critical. This issue affects the function formSetSambaConf of the file /goform/setsambacfg. The manipulation of the argument usbName leads to os command injection. The attack may be initiated remotely. The...

6.5CVSS7.6AI score0.0141EPSS
Exploits1References3
OSV
OSVadded 2024/03/24 3:15 a.m.1 views

CVE-2024-2851

A vulnerability was found in Tenda AC15 15.03.05.18/15.03.20multi. It has been classified as critical. This affects the function formSetSambaConf of the file /goform/setsambacfg. The manipulation of the argument usbName leads to os command injection. It is possible to initiate the attack remotely...

9.8CVSS5.7AI score
Exploits0References3
Rows per page
Query Builder