Tenda W30E V2.0 V16.01.0.21 was found to contain a command injection vulnerability in the formSetUSBPartitionUmount function via the usbPartitionName parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request.
The vulnerability results from improper validation and sanitization of the usbPartitionName parameter passed to the formSetUSBPartitionUmount function. An attacker can craft a malicious request containing injected system commands that will be executed by the device in the context of its operating system. The attack requires no authentication or user interaction, and the attack vector is network-based, which significantly increases the risk.
An attacker can gain full control over the device by remotely executing arbitrary system commands, leading to violations of system confidentiality, integrity, and availability.
Apply patches available from the manufacturer according to the references. Until a fix is released, it is recommended to restrict access to the device management interface only to trusted hosts and isolate the device from untrusted networks.
Tenda W30E V2.0 with firmware version V16.01.0.21
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HTenda W30e
HWTenda2.0Tenda W30e Firmware
OSTenda16.01.0.21
Related vulnerabilities
Tenda W30E V2 — predefiniowane domyślne hasło w firmware umożliwia nieautoryzowany dostęp
Brak ograniczenia prób logowania w Tenda W30E — atak brute-force
Tenda W30E — stack overflow w funkcji UploadCfg (parametr v17)
Stack overflow w Tenda W30E przez parametr 'page' w funkcji fromVirtualSer
Command injection w routerze Tenda W30E poprzez funkcję setFixTools