• caglararli@hotmail.com
  • 05386281520

CVE-2024-30645 | Tenda AC15V1.0 15.03.20_multi /goform/setUsbUnload doSystemCmd deviceName command injection

Çağlar Arlı      -    12 Views

CVE-2024-30645 | Tenda AC15V1.0 15.03.20_multi /goform/setUsbUnload doSystemCmd deviceName command injection

A vulnerability, which was classified as critical, was found in Tenda AC15V1.0 15.03.20_multi. Affected is the function doSystemCmd of the file /goform/setUsbUnload. The manipulation of the argument deviceName leads to command injection. This vulnerability is traded as CVE-2024-30645. It is possible to launch the attack remotely. Furthermore, there is an exploit available.