Description

Tenda AC18 router V15.03.05.19 and V15.03.05.05 was discovered to contain a remote code execution (RCE) vulnerability via the Mac parameter at ip/goform/WriteFacMac.

Related CPE's

o

tendacn

ac18_firmware

2

h

tendacn

ac18

-

References

https://github.com/wshidamowang/Router/blob/main/Tenda/AC18/RCE_1.md

ExploitThird Party Advisory

https://github.com/wshidamowang/Router/blob/main/Tenda/AC18/RCE_1.md

ExploitThird Party Advisory

Weaknesses

[email protected]

Primary
CWE-78

CVSS impact metrics

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.8 · Critical

Information

Source identifier

[email protected]

Vulnerability status

Modified

Published

2022-06-14T01:15:08.200Z

3 years ago

Last modified

2024-11-21T06:04:28.257Z

1 year ago