Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Command Injection in Tenda G1 and G3 routers with firmware versions v15.11.0.17(9502)_CN or v15.11.0.16(9024)_CN allows remote attackers to execute arbitrary OS commands via a crafted "action/umountUSBPartition" request. This occurs because the "formSetUSBPartitionUmount" function executes the "doSystemCmd" function with untrusted input.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Tenda G1 and G3 操作系统命令注入漏洞
Vulnerability Description
Tenda G1 and G3是中国腾达(Tenda)公司的一个路由器。 Tenda G1 and G3 routers 存在操作系统命令注入漏洞,攻击者可利用该漏洞通过精心制作的“action umountUSBPartition”请求执行任意操作系统命令。
CVSS Information
N/A
Vulnerability Type
N/A