Vulners
Lucene search
CVE-2024-2897
🗓️ 26 Mar 2024 18:31:04Reported by VulDBType 
cve🔗 web.nvd.nist.gov📰️ 1 Media mentions👁 51 Views🌐 WEB
| Reporter | Title | Published | Views | Family All 9 |
|---|---|---|---|---|
 | Exploit for Cross-site Scripting in Exclusiveaddons Exclusive_Addons_For_Elementor | 5 Apr 202622:08 | – | githubexploit |
 | Tenda AC7 操作系统命令注入漏洞 | 26 Mar 202400:00 | – | cnnvd |
 | Tenda AC7 Command Injection Vulnerability | 28 Mar 202400:00 | – | cnvd |
 | CVE-2024-2897 Tenda AC7 WriteFacMac formWriteFacMac os command injection | 26 Mar 202418:31 | – | cvelist |
 | EUVD-2024-27841 | 3 Oct 202520:07 | – | euvd |
 | CVE-2024-2897 | 26 Mar 202419:15 | – | nvd |
 | PT-2024-2496 · Tenda · Tenda Ac7 | 18 Mar 202400:00 | – | ptsecurity |
 | CVE-2024-2897 | 7 Jan 202609:13 | – | redhatcve |
 | CVE-2024-2897 Tenda AC7 WriteFacMac formWriteFacMac os command injection | 26 Mar 202418:31 | – | vulnrichment |
Node
[
{
"vendor": "Tenda",
"product": "AC7",
"versions": [
{
"version": "15.03.06.44",
"status": "affected"
}
]
}
]| Parameter | Position | Path | Description | CWE |
|---|---|---|---|---|
| mac | request body | /goform/WriteFacMac | OS command injection via the mac parameter in /goform/WriteFacMac enabling remote code execution. | CWE-78 |
Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
22 Jan 2025 17:53Current
7High risk
Vulners AI Score7
CVSS 3.16.3 - 8.8
CVSS 26.5
CVSS 36.3
EPSS0.05643
SSVC