EUVD-2026-35024

A weakness has been identified in Tenda AC15 15.03.05.19. The impacted element is an unknown function of the file /etcro/smb.conf of the component Samba. Executing a manipulation can lead to weak password requirements. The attack is only possible within the local network. A high complexity level ...

PT-2024-2394 · Tenda · Tenda Ac10

Name of the Vulnerable Software and Affected Versions: Tenda AC10U versions 15.03.06.48 through 15.03.06.49 Description: A critical issue affects the function formSetSambaConf of the file /goform/setsambacfg. The manipulation of the argument usbName leads to os command injection. The attack may b...

CVE-2022-28557

There is a command injection vulnerability at the /goform/setsambacfg interface of Tenda AC15 USAC15V1.0BRV15.03.05.20multiTDE01.bin device web, which can also cooperate with CVE-2021-44971 to cause unconditional arbitrary command execution...

Inteno IOPSYS - (Authenticated) Local Privilege Escalation Exploit

Exploit for linux platform in category local exploits !/usr/bin/python import json import sys import subprocess import socket import os from websocket import createconnection def ubusAuthhost, username, password: ws = createconnection"ws://" + host, header = "Sec-WebSocket-Protocol: ubus-json" re...