Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2021-27691

Command Injection in Tenda G0 routers with firmware versions v15.11.0.6(9039)_CN and v15.11.0.5(5876)_CN , and Tenda G1 and G3 routers with firmware versions v15.11.0.17(9502)_CN or v15.11.0.16(9024)_CN allows remote attackers to execute arbitrary OS commands via a crafted action/setDebugCfg request. This occurs because the "formSetDebugCfg" function executes glibc's system function with untrusted input.

Published

2021-04-16T00:15:12.007

Last Modified

2024-11-21T05:58:25.883

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 9.8 (CRITICAL)

CVSSv2 Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality Impact: COMPLETE
Integrity Impact: COMPLETE
Availability Impact: COMPLETE

Exploitability Score

10.0

Impact Score

10.0

Weaknesses

Type: Primary
CWE-78
CWE-119

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	tendacn	g0_firmware	15.11.0.5\(5876\)_cn	Yes
Operating System	tendacn	g0_firmware	15.11.0.6\(9039\)_cn	Yes
Hardware	tendacn	g0	-	No
Operating System	tendacn	g1_firmware	15.11.0.16\(9024\)_cn	Yes
Operating System	tendacn	g1_firmware	15.11.0.17\(9502\)_cn	Yes
Hardware	tendacn	g1	-	No
Operating System	tendacn	g3_firmware	15.11.0.16\(9024\)_cn	Yes
Operating System	tendacn	g3_firmware	15.11.0.17\(9502\)_cn	Yes
Hardware	tendacn	g3	-	No

References

https://hackmd.io/%40aZYpdinUS2SD-yhAeHwOkw/rkhTCGzMd ([email protected])
https://hackmd.io/%40aZYpdinUS2SD-yhAeHwOkw/rkhTCGzMd (af854a3a-2127-422b-91ae-364da2661108)