7 matches found
CVE-2024-50852
Tenda G3 v3.0 v15.11.0.20 was discovered to contain a command injection vulnerability via the formSetUSBPartitionUmount function...
CVE-2024-50852
Tenda G3 v3.0 v15.11.0.20 was discovered to contain a command injection vulnerability via the formSetUSBPartitionUmount function...
CVE-2024-50852
Tenda G3 v3.0 v15.11.0.20 was discovered to contain a command injection vulnerability via the formSetUSBPartitionUmount function...
CVE-2024-50852
CVE-2024-50852 affects Tenda G3, version 3.0 v15.11.0.20. The vulnerability is a command injection in the formSetUSBPartitionUmount function, arising because usbPartitionName handling fails to neutralize special characters/commands. Impact: allows a remote attacker to execute arbitrary commands. ...
CVE-2024-46628
Tenda G3 Router firmware v15.03.05.05 was discovered to contain a remote code execution RCE vulnerability via the usbPartitionName parameter in the formSetUSBPartitionUmount function...
CVE-2022-45717
IP-COM M50 V15.11.0.3310768 was discovered to contain a command injection vulnerability via the usbPartitionName parameter in the formSetUSBPartitionUmount function. This vulnerability is exploited via a crafted GET request...
Command injection
IP-COM M50 V15.11.0.3310768 was discovered to contain a command injection vulnerability via the usbPartitionName parameter in the formSetUSBPartitionUmount function. This vulnerability is exploited via a crafted GET request...