CVE-2024-2851

Name of the Vulnerable Software and Affected Versions Tenda AC15 versions 15.03.05.18 through 15.03.20 multi

Description The issue is related to the function formSetSambaConf() at the /goform/setsambacfg endpoint, where the usbName parameter is not properly sanitized, leading to OS command injection. This allows a remote attacker to execute arbitrary commands. The exploit has been disclosed to the public and may be used.

Recommendations For Tenda AC15 versions 15.03.05.18 through 15.03.20 multi, as a temporary workaround, consider disabling the formSetSambaConf() function at the /goform/setsambacfg endpoint until a patch is available. Restrict access to the usbName parameter in the affected API endpoint to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.