CVE-2024-30891 | Tenda AC18 15.03.05.05 /goform/exeCommand cmdinput command injection

Inserito da Angelo Barbosa | Apr 5, 2024 | CVE

A vulnerability was found in Tenda AC18 15.03.05.05. It has been rated as critical. Affected by this issue is some unknown functionality of the file /goform/exeCommand. The manipulation of the argument cmdinput leads to command injection.

This vulnerability is handled as CVE-2024-30891. The attack can only be initiated within the local network. There is no exploit available.

CVE-2024-30891 | Tenda AC18 15.03.05.05 /goform/exeCommand cmdinput command injection

Post correlati

CVE-2023-7061 | Advanced File Manager Shortcode Plugin up to 2.5.3 on WordPress unrestricted upload

CVE-2024-35237 | ZelnickB mit-identibot authorization (GHSA-h8r9-7r8x-78v6)

CVE-2023-42801 | moonlight-stream moonlight-common-c GameStream Client buffer overflow (GHSA-f3h8-j898-5h5v)

CVE-2024-2311 | Avada Plugin up to 7.11.6 on WordPress Shortcode cross site scripting