VYPR
Unrated severityNVD Advisory· Published Apr 5, 2024· Updated Aug 19, 2024

CVE-2024-30891

CVE-2024-30891

Description

A command injection vulnerability exists in /goform/exeCommand in Tenda AC18 v15.03.05.05, which allows attackers to construct cmdinput parameters for arbitrary command execution.

Affected products

2
  • Tenda/AC18cpe-rescue2 versions
    (expand)+ 1 more
    • (no CPE)
    • (no CPE)range: = v15.03.05.05

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.