Lucene search
K

102 matches found

BDU FSTEC
BDU FSTEC
added 2024/03/22 12:0 a.m.6 views

The vulnerability of the formexeCommand() function (/goform/execCommand) in the Tenda AC18 router’s microprogramming system allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the formexeCommand function /goform/execCommand in the Tenda AC18 router’s microprogramming system lies in the issue of the operation exceeding the buffer boundaries in memory when processing the cmdinput parameter. Exploiting this vulnerability allows an attacker to compromi...

9CVSS7.8AI score0.01278EPSS
Exploits0References3Affected Software1
CNVD
CNVD
added 2024/03/19 12:0 a.m.21 views

Tenda AC18 formexeCommand function buffer overflow vulnerability

The Tenda AC18 is a router from the Chinese company Tenda. Tenda AC18 V15.03.05.05 version of the buffer overflow vulnerability, the vulnerability stems from /goform/execCommand file formexeCommand function of the cmdinput parameter fails to correctly validate the length of the input data size, a...

9CVSS8.3AI score0.01278EPSS
Exploits0References1
OSV
OSV
added 2024/03/17 9:15 a.m.2 views

CVE-2024-2558

A vulnerability was found in Tenda AC18 15.03.05.05. It has been rated as critical. This issue affects the function formexeCommand of the file /goform/execCommand. The manipulation of the argument cmdinput leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has...

8.8CVSS6.3AI score0.01278EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/03/17 12:0 a.m.5 views

Tenda AC18 Security Vulnerability

Tenda AC18 is a router from Tenda, China. A security vulnerability exists in Tenda AC18 version V15.03.05.05, which is caused by a stack-based buffer overflow in the cmdinput parameter of the formexeCommand function of the /goform/execCommand file...

9CVSS7.5AI score0.01278EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2024/01/18 12:0 a.m.8 views

The vulnerability of the formexeCommand function in the wireless access point software Tenda W9 allows a intruder to execute arbitrary code.

The vulnerability of the formexeCommand function in the Tenda W9 wireless access point software exists due to the failure to implement measures to neutralize special elements. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

10CVSS8.2AI score0.01896EPSS
Exploits1References4
ATTACKERKB
ATTACKERKB
added 2023/12/26 6:15 p.m.2 views

CVE-2023-51099

Tenda W9 V1.0.0.74456CN was discovered to contain a command injection vulnerability via the function formexeCommand...

9.8CVSS5.8AI score0.01896EPSS
Exploits1References2
NVD
NVD
added 2023/12/26 6:15 p.m.30 views

CVE-2023-51099

Tenda W9 V1.0.0.74456CN was discovered to contain a command injection vulnerability via the function formexeCommand...

9.8CVSS0.01896EPSS
Exploits1References1
Prion
Prion
added 2023/12/26 6:15 p.m.18 views

Command injection

Tenda W9 V1.0.0.74456CN was discovered to contain a command injection vulnerability via the function formexeCommand...

7.5CVSS8.2AI score0.01896EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2023/12/26 12:0 a.m.31 views

CVE-2023-51099

Tenda W9 V1.0.0.74456CN was discovered to contain a command injection vulnerability via the function formexeCommand...

10AI score0.01896EPSS
Exploits1References1
CNNVD
CNNVD
added 2023/12/26 12:0 a.m.3 views

Tenda W9 Security Vulnerability

Tenda W9 is a wireless in-wall access point from Tenda, China. A security vulnerability exists in the Tenda W9 V1.0.0.74456CN version, which originates from a command injection vulnerability in the formexeCommand method...

9.8CVSS7.7AI score0.01896EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2023/12/26 12:0 a.m.9 views

PT-2023-8322 · Tenda · Tenda W9

Name of the Vulnerable Software and Affected Versions: Tenda W9 version 1.0.0.74456 CN Description: A command injection issue exists due to the lack of neutralization of special elements in the formexeCommand function. This could allow a remote attacker to execute arbitrary code. Recommendations:...

9.8CVSS9.8AI score0.01896EPSS
Exploits1References7
OSV
OSV
added 2022/09/23 7:15 p.m.3 views

CVE-2022-40107

Tenda i9 v1.0.0.83828 was discovered to contain a buffer overflow via the formexeCommand function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted string...

7.5CVSS6.2AI score0.00959EPSS
Exploits0References1
OSV
OSV
added 2022/09/23 7:15 p.m.2 views

CVE-2022-40100

Tenda i9 v1.0.0.83828 was discovered to contain a command injection vulnerability via the FormexeCommand function...

9.8CVSS5.8AI score0.01513EPSS
Exploits0References1
Prion
Prion
added 2022/09/23 7:15 p.m.21 views

Command injection

Tenda i9 v1.0.0.83828 was discovered to contain a command injection vulnerability via the FormexeCommand function...

7.5CVSS9.8AI score0.01513EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2022/09/23 7:15 p.m.19 views

Buffer overflow

Tenda i9 v1.0.0.83828 was discovered to contain a buffer overflow via the formexeCommand function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted string...

5CVSS7.5AI score0.00959EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2022/09/23 6:54 p.m.17 views

CVE-2022-40100

Tenda i9 v1.0.0.83828 was discovered to contain a command injection vulnerability via the FormexeCommand function...

10AI score0.01513EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2022/09/23 6:54 p.m.7 views

CVE-2022-40100

Tenda i9 v1.0.0.83828 was discovered to contain a command injection vulnerability via the FormexeCommand function...

9.9AI score0.01513EPSS
Exploits0References1
CVE
CVE
added 2022/09/23 6:54 p.m.61 views

CVE-2022-40100

The CVE-2022-40100 entry concerns Tenda i9, affected in version 1.0.0.8(3828). A command injection vulnerability exists in the FormexeCommand function. The issue is rated with an NV D/CVSS3.1 base score 9.8 (CRITICAL) , with network access required and no authentication/UI interaction, and potent...

9.8CVSS9.7AI score0.01513EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2022/09/23 12:0 a.m.5 views

Tenda i9 命令注入漏洞

Tenda i9 is a ceiling-mountable wireless access point from Tenda China. A security vulnerability exists in Tenda i9 v1.0.0.83828, which is caused by a command injection issue in the FormexeCommand method...

9.8CVSS8.4AI score0.01513EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2022/09/23 12:0 a.m.5 views

PT-2022-25210 · Tenda · Tenda I9

Name of the Vulnerable Software and Affected Versions: Tenda i9 version 1.0.0.83828 Description: A buffer overflow issue was discovered, allowing attackers to cause a Denial of Service DoS via a crafted string. The issue is related to the formexeCommand function. Recommendations: For Tenda i9...

7.5CVSS7.5AI score0.00959EPSS
Exploits0References2
Rows per page
Query Builder