CVE-2024-34338
Summary: CVE-2024-34338 affects Tenda O3V2 firmware 1.0.0.10 and 1.0.0.12, with a Blind Command Injection via the dest parameter in the /goform/getTraceroute API. The root cause is an injection in that endpoint, allowing arbitrary commands to run with root privileges. Authentication is required t...