Lucene search
+L

52 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 3:31 a.m.11 views

CVE-2023-27240

Tenda AX3 V16.03.12.11 was discovered to contain a command injection vulnerability via the lanip parameter at /goform/AdvSetLanip...

9.8CVSS7.9AI score0.02773EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 1:16 a.m.8 views

CVE-2022-29321

D-Link DIR-816 A2v1.10CNB04 was discovered to contain a stack overflow via the lanip parameter in /goform/setNetworkLan...

10CVSS7.9AI score0.03802EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:52 p.m.8 views

CVE-2022-32054

Tenda AC10 USAC10V1.0RTLV15.03.06.26multiTD01 was discovered to contain a remote code execution RCE vulnerability via the lanIp parameter...

10CVSS8.4AI score0.31729EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:43 p.m.7 views

CVE-2022-28917

Tenda AX12 v22.03.01.21cn was discovered to contain a stack overflow via the lanIp parameter in /goform/AdvSetLanIp...

7.8CVSS7.9AI score0.09285EPSS
Exploits1References1
VulnCheck KEV
VulnCheck KEV
added 2024/02/22 12:0 a.m.3 views

VulnCheck KEV: CVE-2020-15916

goform/AdvSetLanip endpoint on Tenda AC15 AC1900 15.03.05.19 devices allows remote attackers to execute arbitrary system commands via shell metacharacters in the lanIp POST parameter...

10CVSS7.6AI score0.03429EPSS
Exploits1References1
CNVD
CNVD
added 2024/01/03 12:0 a.m.10 views

TOTOLINK EX1800T lanIp Parameter Command Execution Vulnerability

The TOTOLINK EX1800T is a Wi-Fi range extender from China's Gion Electronics TOTOLINK. A command execution vulnerability exists in the TOTOLINK EX1800T lanIp parameter. The vulnerability stems from the failure of the lanIp parameter of the setLanConfig interface of cstecgi .cgi to properly filter...

9.8CVSS7.7AI score0.0097EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2023/12/22 7:15 p.m.4 views

CVE-2023-51017

TOTOlink EX1800T v9.1.0cu.2112B20220316 is vulnerable to unauthorized arbitrary command execution in the lanIp parameter’ of the setLanConfig interface of the cstecgi .cgi...

9.8CVSS6.1AI score0.0097EPSS
Exploits1References2
OSV
OSV
added 2023/12/22 7:15 p.m.6 views

CVE-2023-51017

TOTOlink EX1800T v9.1.0cu.2112B20220316 is vulnerable to unauthorized arbitrary command execution in the lanIp parameter’ of the setLanConfig interface of the cstecgi .cgi...

9.8CVSS6AI score0.0097EPSS
Exploits1References1
Cvelist
Cvelist
added 2023/12/22 12:0 a.m.31 views

CVE-2023-51017

TOTOlink EX1800T v9.1.0cu.2112B20220316 is vulnerable to unauthorized arbitrary command execution in the lanIp parameter’ of the setLanConfig interface of the cstecgi .cgi...

9.7AI score0.0097EPSS
Exploits1References1
CNNVD
CNNVD
added 2023/12/22 12:0 a.m.5 views

TOTOLINK EX1800T 安全漏洞

The TOTOLINK EX1800T is a Wi-Fi range extender from China's Gion Electronics TOTOLINK. A command execution vulnerability exists in the TOTOLINK EX1800T lanIp parameter. The vulnerability stems from the failure of the lanIp parameter of the setLanConfig interface of cstecgi .cgi to properly filter...

9.8CVSS7.8AI score0.0097EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2023/12/22 12:0 a.m.8 views

PT-2023-31732 · Totolink · Totolink Ex1800T

Name of the Vulnerable Software and Affected Versions: TOTOlink EX1800T version 9.1.0cu.2112 B20220316 Description: The issue allows for unauthorized arbitrary command execution. This is possible through the lanIp parameter of the setLanConfig interface in the cstecgi.cgi endpoint. Recommendation...

9.8CVSS9.5AI score0.0097EPSS
Exploits1References2
CNVD
CNVD
added 2023/03/17 12:0 a.m.56 views

Tenda AX3 Command Injection Vulnerability (CNVD-2023-21670)

The Tenda Ax3 is an Ax1800 Gigabit Port Dual Band Wifi 6 Wireless Router from Tenda China. Tenda AX3 V16.03.12.11 suffers from a command injection vulnerability that stems from the lanip parameter of /goform/AdvSetLanip failing to correctly filter constructed command special characters, commands,...

9.8CVSS9.8AI score0.02773EPSS
Exploits1References1
NVD
NVD
added 2023/03/15 6:15 a.m.20 views

CVE-2023-27240

Tenda AX3 V16.03.12.11 was discovered to contain a command injection vulnerability via the lanip parameter at /goform/AdvSetLanip...

9.8CVSS9.8AI score0.02773EPSS
Exploits1References1
Prion
Prion
added 2023/03/15 6:15 a.m.16 views

Command injection

Tenda AX3 V16.03.12.11 was discovered to contain a command injection vulnerability via the lanip parameter at /goform/AdvSetLanip...

7.5CVSS9.8AI score0.02773EPSS
Exploits1References1Affected Software1
Positive Technologies
Positive Technologies
added 2023/03/15 12:0 a.m.4 views

PT-2023-21023 · Tenda · Tenda Ax3

Name of the Vulnerable Software and Affected Versions: Tenda AX3 version 16.03.12.11 Description: A command injection issue was discovered via the lanip parameter at the "/goform/AdvSetLanip" API endpoint. This allows for potential exploitation. Recommendations: For Tenda AX3 version 16.03.12.11,...

9.8CVSS9.4AI score0.02773EPSS
Exploits1References5
CNNVD
CNNVD
added 2023/03/15 12:0 a.m.5 views

Tenda AX3 命令注入漏洞

The Tenda Ax3 is an Ax1800 Gigabit Port Dual Band Wifi 6 Wireless Router from Tenda China. Tenda AX3 V16.03.12.11 suffers from a command injection vulnerability that stems from the lanip parameter of /goform/AdvSetLanip failing to correctly filter constructed command special characters, commands,...

9.8CVSS8AI score0.02773EPSS
Exploits1References2
NVD
NVD
added 2022/07/07 7:15 p.m.19 views

CVE-2022-32054

Tenda AC10 USAC10V1.0RTLV15.03.06.26multiTD01 was discovered to contain a remote code execution RCE vulnerability via the lanIp parameter...

10CVSS0.31729EPSS
Exploits1References1
OSV
OSV
added 2022/07/07 7:15 p.m.5 views

CVE-2022-32054

Tenda AC10 USAC10V1.0RTLV15.03.06.26multiTD01 was discovered to contain a remote code execution RCE vulnerability via the lanIp parameter...

9.8CVSS6.4AI score0.31729EPSS
Exploits1References1
Cvelist
Cvelist
added 2022/07/07 5:8 p.m.28 views

CVE-2022-32054

Tenda AC10 USAC10V1.0RTLV15.03.06.26multiTD01 was discovered to contain a remote code execution RCE vulnerability via the lanIp parameter...

10AI score0.31729EPSS
Exploits1References1
CVE
CVE
added 2022/07/07 5:8 p.m.84 views

CVE-2022-32054

Summary of CVE-2022-32054 (Tenda AC10): Affects the Tenda AC10 router (US_AC10V1.0RTL_V15.03.06.26_multi_TD01). The issue is a remote code execution (RCE) vulnerability exploitable via the lanIp parameter. Several connected advisories specify this as a command injection flaw allowing an attacker ...

10CVSS9.9AI score0.31729EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder