CVE-2024-32314

CWE-77Command Injection3 documents3 sources
Severity
3.8LOW
EPSS
0.5%
top 34.11%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Tenda Ac500 Firmware
Timeline
PublishedApr 17

Description

Tenda AC500 V2.0.1.9(1307) firmware contains a command injection vulnerablility in the formexeCommand function via the cmdinput parameter.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:NExploitability: 1.2 | Impact: 2.5

Affected Packages1 packages

NVDtenda/ac500_firmware2.0.1.9\(1307\)

🔴Vulnerability Details

2
CVEList
CVE-2024-32314: Tenda AC500 V22024-04-17
GHSA
GHSA-p3xm-9632-5464: Tenda AC500 V22024-04-17
CVE-2024-32314 (LOW CVSS 3.8) | Tenda AC500 V2.0.1.9(1307) firmware | cvebase.io