ID
VAR-202403-3268
CVE
CVE-2024-30645
TITLE
Shenzhen Tenda Technology Co.,Ltd. of AC15 in the firmware OS Command injection vulnerability
Trust: 0.8
sources:
JVNDB: JVNDB-2024-021848
DESCRIPTION
Tenda AC15V1.0 V15.03.20_multi has a command injection vulnerability via the deviceName parameter. Shenzhen Tenda Technology Co.,Ltd. of AC15 The firmware has OS A command injection vulnerability exists.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state
Trust: 1.62
sources:
NVD: CVE-2024-30645 //
JVNDB: JVNDB-2024-021848
AFFECTED PRODUCTS
| vendor: | tenda | model: | ac15 | scope: | eq | version: | 15.03.20_multi | Trust: 1.0 |
| vendor: | tenda | model: | ac15 | scope: | - | version: | - | Trust: 0.8 |
| vendor: | tenda | model: | ac15 | scope: | eq | version: | ac15 firmware 15.03.20 multi | Trust: 0.8 |
| vendor: | tenda | model: | ac15 | scope: | eq | version: | - | Trust: 0.8 |
sources:
JVNDB: JVNDB-2024-021848 //
NVD: CVE-2024-30645
CVSS
SEVERITY | CVSSV2 | CVSSV3 | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|
sources:
JVNDB: JVNDB-2024-021848 //
NVD: CVE-2024-30645
PROBLEMTYPE DATA
| problemtype: | CWE-78 | Trust: 1.0 |
| problemtype: | OS Command injection (CWE-78) [ others ] | Trust: 0.8 |
sources:
JVNDB: JVNDB-2024-021848 //
NVD: CVE-2024-30645
EXTERNAL IDS
| db: | NVD | id: | CVE-2024-30645 | Trust: 2.6 |
| db: | JVNDB | id: | JVNDB-2024-021848 | Trust: 0.8 |
sources:
JVNDB: JVNDB-2024-021848 //
NVD: CVE-2024-30645
REFERENCES
| url: | https://github.com/abcdefg-png/iot-vulnerable/blob/main/tenda/ac15/v1.0%20v15.03.20_multi/setusbunload.md | Trust: 1.0 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2024-30645 | Trust: 0.8 |
sources:
JVNDB: JVNDB-2024-021848 //
NVD: CVE-2024-30645
SOURCES
| db: | JVNDB | id: | JVNDB-2024-021848 |
| db: | NVD | id: | CVE-2024-30645 |
LAST UPDATE DATE
2025-04-12T23:06:58.886000+00:00
SOURCES UPDATE DATE
| db: | JVNDB | id: | JVNDB-2024-021848 | date: | 2025-04-11T01:26:00 |
| db: | NVD | id: | CVE-2024-30645 | date: | 2025-04-08T15:27:52.807 |
SOURCES RELEASE DATE
| db: | JVNDB | id: | JVNDB-2024-021848 | date: | 2025-04-11T00:00:00 |
| db: | NVD | id: | CVE-2024-30645 | date: | 2024-03-29T16:15:11.687 |