Lucene search

MitreCVE-2024-46048

HistorySep 13, 2024 - 2:15 p.m.

CVE-2024-46048

2024-09-1314:15:14

CWE-77

mitre

web.nvd.nist.gov

tenda fh451

command injection

vulnerability

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

7.4

Confidence

High

EPSS

0.001

Percentile

47.4%

JSON

Tenda FH451 v1.0.0.9 has a command injection vulnerability in the formexeCommand function i

Affected configurations

Nvd

Node

tendafh451_firmwareMatch1.0.0.9

AND

tendafh451Match-

VendorProductVersionCPE
tendafh451_firmware1.0.0.9cpe:2.3:o:tenda:fh451_firmware:1.0.0.9:*:*:*:*:*:*:*
tendafh451-cpe:2.3:h:tenda:fh451:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
tenda	fh451_firmware	1.0.0.9	cpe:2.3:o:tenda:fh451_firmware:1.0.0.9:::::::*
tenda	fh451	-	cpe:2.3:h:tenda:fh451:-:::::::*

References

github.com/BenJpopo/V/blob/main/Tenda/FH451/formexeCommand.md

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

7.4

Confidence

High

EPSS

0.001

Percentile

47.4%

JSON

Related for CVE-2024-46048