| Title | Tenda Tenda AC15 V1.0BR_V15.03.05.18 OS Command Injection |
|---|
| Description | A command injection vulnerability was discovered in Tenda AC15 V1.0BR_V15.03.05.18, triggered by the cmdinput parameter in /goform/exeCommand. Attackers can exploit this vulnerability by crafting malicious packets to execute arbitrary commands, thereby gaining full control of the target device. |
|---|
| Source | ⚠️ https://github.com/2664521593/mycve/blob/main/Tenda/Tenda_AC15_CJ.md |
|---|
| User | shiny (UID 76015) |
|---|
| Submission | 09/04/2025 15:43 (10 months ago) |
|---|
| Moderation | 09/14/2025 17:41 (10 days later) |
|---|
| Status | Duplicate |
|---|
| VulDB entry | 323876 [Tenda AC9/AC15 15.03.05.14 /goform/exeCommand formexeCommand cmdinput os command injection] |
|---|
| Points | 0 |
|---|