Cyber Resilience

CVE-2023-30135

Critical · Public PoC · RCE

Published: 05 May 2023

Modified: 29 January 2025
CVSS Score (v3.1): 9.8 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
EPSS Score: 0.2642 (96.4th percentile)
Risk Priority: 35 (weighted 60% EPSS, 20% KEV, 20% CVSS)

Summary

CVE-2023-30135 is a critical-severity Command Injection (CWE-77) vulnerability in Tenda AC18 firmware. Its CVSS base score is 9.8 (Critical).

Operationally, it ranks in the top 3.6% of CVEs by exploit likelihood (EPSS); it is not currently listed in the CISA KEV catalog; and a public proof-of-concept is referenced.

Deeper analysis

Tenda AC18 routers running firmware version v15.03.05.19(6318_)_cn contain a command-injection vulnerability in the setUsbUnload function, where the deviceName parameter is passed to a system command without adequate sanitization. The flaw is tracked as CVE-2023-30135, assigned CWE-77, and rated 9.8 under CVSS 3.1 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).

An unauthenticated attacker with network access can supply a crafted deviceName value that results in arbitrary command execution on the device, granting the ability to read or modify data, alter configuration, or disrupt service. No authentication or user interaction is required for successful exploitation.

Public references consist of technical write-ups hosted on GitHub that demonstrate the injection vector; no vendor advisory or firmware patch addressing the issue is referenced in the available sources. The associated EPSS score has remained at 0.2642 with no material increase since disclosure.

EU & UK References

Vulnerability details

Tenda AC18 v15.03.05.19(6318_)_cn was discovered to contain a command injection vulnerability via the deviceName parameter in the setUsbUnload function.

CWE(s)

CWE-77: Command Injection

Related Threats

No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.

Affected Assets

tenda
ac18 firmware
15.03.05.19(6318)_cn

Mitigating Controls

No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.

References