The wireless router WRTM326 from SECOM does not properly validate a specific parameter. An unauthenticated remote attacker could execute arbitrary system commands by sending crafted requests.
References
Link | Resource |
---|---|
https://www.twcert.org.tw/en/cp-139-8157-e0461-2.html | Third Party Advisory |
https://www.twcert.org.tw/tw/cp-132-8156-81c9d-1.html | Third Party Advisory |
Configurations
Configuration 1 (hide)
AND |
|
History
01 Nov 2024, 18:40
Type | Values Removed | Values Added |
---|---|---|
References | () https://www.twcert.org.tw/en/cp-139-8157-e0461-2.html - Third Party Advisory | |
References | () https://www.twcert.org.tw/tw/cp-132-8156-81c9d-1.html - Third Party Advisory | |
Summary |
|
|
CPE | cpe:2.3:h:zte:wrtm326:-:*:*:*:*:*:*:* cpe:2.3:o:zte:wrtm326_firmware:*:*:*:*:*:*:*:* |
|
First Time |
Zte wrtm326 Firmware
Zte Zte wrtm326 |
18 Oct 2024, 05:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-10-18 05:15
Updated : 2024-11-01 18:40
NVD link : CVE-2024-10119
Mitre link : CVE-2024-10119
CVE.ORG link : CVE-2024-10119
JSON object : View
Products Affected
zte
- wrtm326_firmware
- wrtm326
CWE
CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')