ACTIVELY EXPLOITED3 sources verified·1 min read
By Lyrie Threat Intelligence·11/3/2021
CVE-2018-14558 added to CISA KEV: Tenda AC7, AC9, and AC10 Routers
Status: ✅ Confirmed exploited in the wild
Date added: 2021-11-03
Required action: Apply updates per vendor instructions.
Due date: 2022-05-03
Why this matters
Tenda AC7, AC9, and AC10 devices contain a command injection vulnerability due to the "formsetUsbUnload" function executes a dosystemCmd function with untrusted input. Successful exploitation allows an attacker to execute OS commands via a crafted goform/setUsbUnload request.
Sources
Lyrie Verdict
Lyrie's autonomous detection layer catches active exploitation primitives at machine speed — closing the gap between disclosure and weaponization that traditional defense simply can't cover.