Description
A command injection vulnerability exists in /goform/exeCommand in Tenda AC18 v15.03.05.05, which allows attackers to construct cmdinput parameters for arbitrary command execution.
Published: 2024-04-05
Score: 8.8 High
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

No analysis available yet.

Remediation

No remediation available yet.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Thu, 10 Apr 2025 14:45:00 +0000

Type Values Removed Values Added
First Time appeared Tenda
Tenda ac18
Tenda ac18 Firmware
CPEs cpe:2.3:h:tenda:ac18:-:*:*:*:*:*:*:*
cpe:2.3:o:tenda:ac18_firmware:15.03.05.05:*:*:*:*:*:*:*
Vendors & Products Tenda
Tenda ac18
Tenda ac18 Firmware

Mon, 19 Aug 2024 21:00:00 +0000

Type Values Removed Values Added
Weaknesses CWE-77
Metrics cvssV3_1

{'score': 8.8, 'vector': 'CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H'}

Subscriptions

Tenda Ac18 Ac18 Firmware
cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published:

Updated: 2024-08-19T19:16:28.344Z

Reserved: 2024-03-27T00:00:00.000Z

Link: CVE-2024-30891

cve-icon Vulnrichment

Updated: 2024-08-02T01:39:00.919Z

cve-icon NVD

Status : Analyzed

Published: 2024-04-05T08:15:07.800

Modified: 2025-04-10T14:25:46.040

Link: CVE-2024-30891

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.

Weaknesses