EUVD-2023-34564

Malicious code in bioql PyPI...

CVE-2023-30135

Tenda AC18 v15.03.05.196318cn was discovered to contain a command injection vulnerability via the deviceName parameter in the setUsbUnload function...

CVE-2021-45401

A Command injection vulnerability exists in Tenda AC10U AC1200 Smart Dual-band Wireless Router AC10U V1.0 Firmware V15.03.06.49multi via the setUsbUnload functionality. The vulnerability is caused because the client controlled "deviceName" value is passed directly to the "doSystemCmd" function...

Tenda AC18 setUsbUnload Function Command Injection Vulnerability

Tenda AC18 is a dual-band wireless router launched by Shenzhen Jixiang Tenda Technology Co. in July 2016, mainly for villas and large home users. Tenda AC18 suffers from a command injection vulnerability, which stems from the existence of a command injection vulnerability via the deviceName...

CVE-2023-30135

Tenda AC18 v15.03.05.196318cn was discovered to contain a command injection vulnerability via the deviceName parameter in the setUsbUnload function...

CVE-2023-30135

Tenda AC18 v15.03.05.196318cn was discovered to contain a command injection vulnerability via the deviceName parameter in the setUsbUnload function...

Command injection

Tenda AC18 v15.03.05.196318cn was discovered to contain a command injection vulnerability via the deviceName parameter in the setUsbUnload function...

PT-2023-3073 · Tenda · Tenda Ac18

Name of the Vulnerable Software and Affected Versions: Tenda AC18 version 15.03.05.196318 cn Description: The issue is related to a command injection vulnerability via the deviceName parameter in the setUsbUnload function. This vulnerability can be exploited by a remote attacker to cause a denial...

Tenda AC18 命令注入漏洞

Tenda AC18 is a dual-band wireless router launched by Shenzhen Jixiang Tenda Technology Co. in July 2016, mainly for villas and large home users. Tenda AC18 suffers from a command injection vulnerability, which stems from the existence of a command injection vulnerability via the deviceName...

CVE-2023-30135

Tenda AC18 v15.03.05.196318cn was discovered to contain a command injection vulnerability via the deviceName parameter in the setUsbUnload function...

CVE-2023-30135

Tenda AC18 v15.03.05.196318cn was discovered to contain a command injection vulnerability via the deviceName parameter in the setUsbUnload function...

CVE-2021-45401

A Command injection vulnerability exists in Tenda AC10U AC1200 Smart Dual-band Wireless Router AC10U V1.0 Firmware V15.03.06.49multi via the setUsbUnload functionality. The vulnerability is caused because the client controlled "deviceName" value is passed directly to the "doSystemCmd" function...

Command injection

A Command injection vulnerability exists in Tenda AC10U AC1200 Smart Dual-band Wireless Router AC10U V1.0 Firmware V15.03.06.49multi via the setUsbUnload functionality. The vulnerability is caused because the client controlled "deviceName" value is passed directly to the "doSystemCmd" function...

Tenda AC7, AC9, and AC10 Routers Command Injection Vulnerability

Tenda AC7, AC9, and AC10 devices contain a command injection vulnerability due to the "formsetUsbUnload" function executes a dosystemCmd function with untrusted input. Successful exploitation allows an attacker to execute OS commands via a crafted goform/setUsbUnload request...

VulnCheck KEV: CVE-2018-14558

Tenda AC7, AC9, and AC10 devices contain a command injection vulnerability due to the "formsetUsbUnload" function executes a dosystemCmd function with untrusted input. Successful exploitation allows an attacker to execute OS commands via a crafted goform/setUsbUnload request...

Tenda AC15 AC1900 Remote Code Execution Vulnerability

Tenda AC15 AC1900 is a wireless router from Tenda, a Chinese company. A remote code execution vulnerability exists in the goform/setUsbUnload endpoint in the Tenda AC15 AC1900 version 15.03.05.19, which can be exploited to execute arbitrary system commands via the deviceName POST parameter...

CVE-2020-10987

The goform/setUsbUnload endpoint of Tenda AC15 AC1900 version 15.03.05.19 allows remote attackers to execute arbitrary system commands via the deviceName POST parameter...

CVE-2018-14558

An issue was discovered on Tenda AC7 devices with firmware through V15.03.06.44CNAC7, AC9 devices with firmware through V15.03.05.196318CNAC9, and AC10 devices with firmware through V15.03.06.23CNAC10. A command Injection vulnerability allows attackers to execute arbitrary OS commands via a craft...