PT-2018-14606 · Tenda · Tenda Ac18+2

Ming Yuan · Published 2018-10-28 · Updated 2019-10-03 · CVE-2018-18728

CVSS v3.1: 9.8 (Critical)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

Tenda AC9 version 15.03.05.19(6318) CN
Tenda AC15 version 15.03.05.19 CN
Tenda AC18 version 15.03.05.19(6318) CN

Description

An issue allows remote code execution via shell metacharacters in the usbName field to the fastcall function with a POST request.

Recommendations

For Tenda AC9 version 15.03.05.19(6318) CN, avoid using the usbName field in the affected API endpoint until the issue is resolved.
For Tenda AC15 version 15.03.05.19 CN, restrict access to the fastcall function to minimize the risk of exploitation.
For Tenda AC18 version 15.03.05.19(6318) CN, consider disabling the fastcall function until a patch is available.

Exploit

Fix

OS Command Injection

Weakness Enumeration

Related Identifiers

CVE-2018-18728

Affected Products

Tenda Ac15
Tenda Ac18
Tenda Ac9