mirror of
https://github.com/fkie-cad/nvd-json-data-feeds.git
synced 2025-06-07 05:28:59 +00:00
24 lines
998 B
JSON
24 lines
998 B
JSON
{
|
|
"id": "CVE-2024-34338",
|
|
"sourceIdentifier": "cve@mitre.org",
|
|
"published": "2024-05-14T15:38:39.337",
|
|
"lastModified": "2024-05-20T19:15:08.670",
|
|
"vulnStatus": "Awaiting Analysis",
|
|
"descriptions": [
|
|
{
|
|
"lang": "en",
|
|
"value": "Tenda O3V2 with firmware versions V1.0.0.10 and V1.0.0.12 was discovered to contain a Blind Command Injection via dest parameter in /goform/getTraceroute. This vulnerability allows attackers to execute arbitrary commands with root privileges. Authentication is required to exploit this vulnerability."
|
|
},
|
|
{
|
|
"lang": "es",
|
|
"value": "Una vulnerabilidad de inyecci\u00f3n de comando ciego en Tenda O3V2 V1.0.0.12 y anteriores permite a atacantes remotos ejecutar comandos del sistema operativo a trav\u00e9s del par\u00e1metro dest en /goform/getTraceroute"
|
|
}
|
|
],
|
|
"metrics": {},
|
|
"references": [
|
|
{
|
|
"url": "http://exzettabyte.me/blind-command-injection-in-tenda-o3v2",
|
|
"source": "cve@mitre.org"
|
|
}
|
|
]
|
|
} |