A vulnerability classified as critical has been found in Tenda AC18 15.03.05.05. Affected is the function formSetSambaConf of the file /goform/setsambacfg. The manipulation of the argument usbName leads to os command injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-257778 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
References
Link | Resource |
---|---|
https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/AC18/formSetSambaConf.md | Exploit Third Party Advisory |
https://vuldb.com/?ctiid.257778 | Permissions Required |
https://vuldb.com/?id.257778 | Third Party Advisory |
Configurations
Configuration 1 (hide)
AND |
|
History
26 Mar 2024, 03:15
Type | Values Removed | Values Added |
---|---|---|
First Time |
Tenda ac18 Firmware
Tenda ac18 Tenda |
|
CVSS |
v2 : v3 : |
v2 : 6.5
v3 : 9.8 |
CPE | cpe:2.3:o:tenda:ac18_firmware:15.03.05.05:*:*:*:*:*:*:* cpe:2.3:h:tenda:ac18:-:*:*:*:*:*:*:* |
|
References | () https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/AC18/formSetSambaConf.md - Exploit, Third Party Advisory | |
References | () https://vuldb.com/?ctiid.257778 - Permissions Required | |
References | () https://vuldb.com/?id.257778 - Third Party Advisory | |
Summary |
|
24 Mar 2024, 06:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-03-24 06:15
Updated : 2024-05-17 02:38
NVD link : CVE-2024-2854
Mitre link : CVE-2024-2854
CVE.ORG link : CVE-2024-2854
JSON object : View
Products Affected
tenda
- ac18_firmware
- ac18
CWE
CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')