4 matches found
EUVD-2026-24163
Tenda W30E V2.0 V16.01.0.21 was found to contain a command injection vulnerability in the formSetUSBPartitionUmount function via the usbPartitionName parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request...
CVE-2026-38835
Tenda W30E V2.0 V16.01.0.21 was found to contain a command injection vulnerability in the formSetUSBPartitionUmount function via the usbPartitionName parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request...
PT-2026-34017
Name of the Vulnerable Software and Affected Versions Tenda W30E version V2.0 V16.01.0.21 Description The formSetUSBPartitionUmount function fails to properly neutralize special elements when processing the usbPartitionName parameter. This allows a remote attacker to execute arbitrary commands by...
PT-2024-9598 · Tenda · Tenda G3
Name of the Vulnerable Software and Affected Versions: Tenda G3 version 3.0 v15.11.0.20 Description: The issue is related to the formSetUSBPartitionUmount function of the Tenda G3 wireless access point's firmware, which fails to neutralize special elements when processing the usbPartitionName...