CVE-2023-51099
CVSS 3.1 Score 9.8 of 10 (high)
Details
Summary
CVE-2023-51099 is a newly identified vulnerability affecting Tenda W9 V1.0.0.7(4456)_CN. The issue resides in the function formexeCommand, which has been found to be susceptible to command injection attacks. An attacker can exploit this vulnerability by sending malicious commands to the affected device, potentially gaining unauthorized access and control. This can lead to serious consequences, including data theft, unauthorized network access, and system compromise. It is crucial for users to update their devices to the latest firmware version as soon as possible to mitigate this risk.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Affected Vendors
- Shenzhen Tenda Technology Co. Ltd