Unrated severityNVD Advisory· Published Apr 15, 2021· Updated Aug 3, 2024
CVE-2021-27692
CVE-2021-27692
Description
Command Injection in Tenda G1 and G3 routers with firmware versions v15.11.0.17(9502)_CN or v15.11.0.16(9024)_CN allows remote attackers to execute arbitrary OS commands via a crafted "action/umountUSBPartition" request. This occurs because the "formSetUSBPartitionUmount" function executes the "doSystemCmd" function with untrusted input.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3- Tenda/G1 and G3 routersdescription
- Range: = v15.11.0.17(9502)_CN or v15.11.0.16(9024)_CN
Patches
Vulnerability mechanics
References
1- hackmd.io/%40aZYpdinUS2SD-yhAeHwOkw/ry-t4QfMumitrex_refsource_MISC
News mentions
0No linked articles in our index yet.