High severity8.8NVD Advisory· Published Sep 2, 2018· Updated Jun 17, 2026
CVE-2018-16334
CVE-2018-16334
Description
An issue was discovered on Tenda AC9 V15.03.05.19(6318)_CN and AC10 V15.03.06.23_CN devices. The mac parameter in a POST request is used directly in a doSystemCmd call, causing OS command injection.
Affected products
2Patches
Vulnerability mechanics
References
1- github.com/zsjevilhex/iot/blob/master/route/tenda/tenda-04/tenda.mdnvdExploitThird Party Advisory
News mentions
0No linked articles in our index yet.