CVE-2024-50852
CVE-2024-50852 affects Tenda G3, version 3.0 v15.11.0.20. The vulnerability is a command injection in the formSetUSBPartitionUmount function, arising because usbPartitionName handling fails to neutralize special characters/commands. Impact: allows a remote attacker to execute arbitrary commands. ...