Exploit
CVE-2024-50852

Improper Neutralization of Special Elements used in a Command ('Command Injection') (CWE-77)

Published: Nov 13, 2024 / Updated: 6d ago

CVSS 8.8 (High) / EPSS 0.04%

Summary

A command injection vulnerability was discovered in the Tenda G3 v3.0 router running firmware version 15.11.0.20. The vulnerability is specifically located in the formSetUSBPartitionUmount function.

Impact

This vulnerability allows an attacker with network access and low privileges to execute arbitrary commands on the affected device. The impact is severe, as it could lead to complete compromise of the router's confidentiality, integrity, and availability. An attacker could potentially gain full control over the device, intercept or modify network traffic, use the router as a pivot point for further attacks, or render the device inoperable.

Exploitation

One proof-of-concept exploit is available on github.com. There is currently no evidence of exploitation.

Patch

As of the latest information provided, there is no mention of an available patch for this vulnerability. Users of the affected Tenda G3 v3.0 router with firmware version 15.11.0.20 should monitor the vendor's website for security updates or firmware releases that address this issue.

Mitigation

Until a patch is available, network administrators should implement the following mitigation strategies:

1. Limit network access to the router's management interface, allowing only trusted IP addresses.
2. Use strong, unique passwords for the router's admin interface.
3. Disable remote management if not absolutely necessary.
4. Monitor the router for suspicious activities or unauthorized changes.
5. Consider placing the affected device behind a firewall or security appliance that can filter potentially malicious traffic.
6. If possible, consider replacing the affected router with a model from a different vendor that is not vulnerable to this specific attack.

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Timeline

CVE Assignment

NVD published the first details for CVE-2024-50852

Nov 13, 2024 at 3:15 PM

First Article

Feedly found the first article mentioning CVE-2024-50852.

Nov 13, 2024 at 3:24 PM / National Vulnerability Database

CVSS Estimate

Feedly estimated the CVSS score as HIGH

Nov 13, 2024 at 3:24 PM

CVSS

A CVSS base score of 8.8 has been assigned.

Nov 14, 2024 at 2:40 PM / nvd

EPSS

EPSS Score was set to: 0.04% (Percentile: 10.1%)

Nov 14, 2024 at 2:40 PM

Proof of Concept (PoC) Released

A proof of concept exploit has been released

Nov 14, 2024 at 4:10 PM

Affected Systems

Tendacn/g3_firmware

Exploits

https://github.com/zp9080/Tenda/blob/main/Tenda-G3v3.0%20V15.11.0.20-formSetUSBPartitionUmount/overview.md

Attack Patterns

CAPEC-136: LDAP Injection

CVSS V3.1

Attack Vector: Network
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability Impact: High
