Tenda G3 Router firmware v15.03.05.05 was discovered to contain a remote code execution (RCE) vulnerability via the usbPartitionName parameter in the formSetUSBPartitionUmount function.
Fixes

Solution

No solution given by the vendor.


Workaround

No workaround given by the vendor.

History

Fri, 04 Oct 2024 17:45:00 +0000

Type Values Removed Values Added
First Time appeared Tendacn
Tendacn g3
Tendacn g3 Firmware
CPEs cpe:2.3:h:tendacn:g3:-:*:*:*:*:*:*:*
cpe:2.3:o:tendacn:g3_firmware:15.03.05.05:*:*:*:*:*:*:*
Vendors & Products Tendacn
Tendacn g3
Tendacn g3 Firmware

Thu, 26 Sep 2024 21:30:00 +0000

Type Values Removed Values Added
First Time appeared Tenda
Tenda g3 Firmware
Weaknesses CWE-78
CPEs cpe:2.3:o:tenda:g3_firmware:*:*:*:*:*:*:*:*
Vendors & Products Tenda
Tenda g3 Firmware
Metrics cvssV3_1

{'score': 8, 'vector': 'CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H'}

ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Thu, 26 Sep 2024 20:15:00 +0000

Type Values Removed Values Added
Description Tenda G3 Router firmware v15.03.05.05 was discovered to contain a remote code execution (RCE) vulnerability via the usbPartitionName parameter in the formSetUSBPartitionUmount function.
References

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published:

Updated: 2024-09-26T20:23:59.058Z

Reserved: 2024-09-11T00:00:00

Link: CVE-2024-46628

cve-icon Vulnrichment

Updated: 2024-09-26T20:23:43.155Z

cve-icon NVD

Status : Analyzed

Published: 2024-09-26T20:15:06.857

Modified: 2024-10-04T17:18:31.663

Link: CVE-2024-46628

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.