CVE-2018-14558

CRITICAL KEV

Tenda AC7/9/10 <15.03.06 - Command Injection

Title source: llm

Description

An issue was discovered on Tenda AC7 devices with firmware through V15.03.06.44_CN(AC7), AC9 devices with firmware through V15.03.05.19(6318)_CN(AC9), and AC10 devices with firmware through V15.03.06.23_CN(AC10). A command Injection vulnerability allows attackers to execute arbitrary OS commands via a crafted goform/setUsbUnload request. This occurs because the "formsetUsbUnload" function executes a dosystemCmd function with untrusted input.

References (2)

[Broken Link, Exploit, Third Party Advisory] https://github.com/zsjevilhex/iot/blob/master/route/tenda/tenda-01/Tenda.md

[US Government Resource] https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2018-14558

Scores

CVSS v3 9.8

EPSS 0.7832

EPSS Percentile 99.0%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CISA KEV 2021-11-03

VulnCheck KEV 2021-04-13

InTheWild.io 2021-07-23

ENISA EUVD EUVD-2018-6467

CWE

CWE-78

Status published

Products (3)

tenda/ac10_firmware < 15.03.06.23_cn

tenda/ac7_firmware < 15.03.06.44_cn

tenda/ac9_firmware < 15.03.05.19\(6318\)_cn

Published Oct 30, 2018

KEV Added Nov 03, 2021

Tracked Since Feb 18, 2026