virus logo Intrusion Prevention

Tenda.Devices.exeCommand.Command.Injection

description-logoDescription

This indicates an attack attempt to exploit a Command Injection vulnerability in multiple Tenda devices.
The vulnerability is due to insufficient sanitizing of user-supplied inputs in the application. An attacker may be able to exploit this to execute arbitrary commands within the context of the system.

affected-products-logoAffected Products

Tenda M3 version 1.0.0.12(4856)
Tenda W6 version 1.0.0.9(4122)
Tenda AC500 version 2.0.1.9(1307)
Tenda W30E version 1.0.1.25(633)
Tenda FH1201 version 1.2.0.14

Impact logoImpact

System Compromise: Remote attackers can gain control of vulnerable systems.

recomended-action-logoRecommended Actions

Currently, we are unaware of any vendor-supplied patch or updates available for this issue.

Coverage

IPS (Regular DB)
IPS (Extended DB)

Version Updates

Date Version Status Detail
2025-01-27 29.943
Modified
 Sig Added
2024-04-09 27.763
Modified
 Default_action:pass:drop
2024-04-01 27.758
New
ID 55059
Created Mar 21, 2024
Updated Jan 27, 2025
CVE ID
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon black-background-circle-icon black-background-circle-icon
Exploit Prediction Score 81.51%
Default Action drop
Active
Affected OS Other
Affected App Other
Profile Type OS Command Injection