A Blind command injection vulnerability in Tenda O3V2 V1...
High severity
Unreviewed
Published
May 14, 2024
to the GitHub Advisory Database
•
Updated Jul 3, 2024
Description
Published by the National Vulnerability Database
May 14, 2024
Published to the GitHub Advisory Database
May 14, 2024
Last updated
Jul 3, 2024
A Blind command injection vulnerability in Tenda O3V2 V1.0.0.12 and earlier allows remote attackers to execute operating system commands via dest parameter in /goform/getTraceroute
References