Количество 2
Количество 2
CVE-2024-34338
Tenda O3V2 with firmware versions V1.0.0.10 and V1.0.0.12 was discovered to contain a Blind Command Injection via dest parameter in /goform/getTraceroute. This vulnerability allows attackers to execute arbitrary commands with root privileges. Authentication is required to exploit this vulnerability.
GHSA-5pm7-95xh-g4vm
A Blind command injection vulnerability in Tenda O3V2 V1.0.0.12 and earlier allows remote attackers to execute operating system commands via dest parameter in /goform/getTraceroute
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2024-34338 Tenda O3V2 with firmware versions V1.0.0.10 and V1.0.0.12 was discovered to contain a Blind Command Injection via dest parameter in /goform/getTraceroute. This vulnerability allows attackers to execute arbitrary commands with root privileges. Authentication is required to exploit this vulnerability. | CVSS3: 7.2 | 3% Низкий | больше 1 года назад |
| GHSA-5pm7-95xh-g4vm A Blind command injection vulnerability in Tenda O3V2 V1.0.0.12 and earlier allows remote attackers to execute operating system commands via dest parameter in /goform/getTraceroute | CVSS3: 7.2 | 3% Низкий | больше 1 года назад |
Уязвимостей на страницу