CVE-2024-3009
Published: 28 March 2024
Summary
CVE-2024-3009 is a medium-severity Command Injection (CWE-77) vulnerability in Tenda Fh1205 Firmware. Its CVSS base score is 6.3 (Medium).
Operationally, ranked in the top 9.2% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.
Deeper analysis
A command injection vulnerability exists in Tenda FH1205 firmware version 2.0.0.7(775). The flaw resides in the formWriteFacMac function of the /goform/WriteFacMac endpoint, where unsanitized input to the mac parameter is passed to an operating system command. The issue is tracked as CVE-2024-3009, assigned CWE-77, and carries a CVSS 3.1 score of 6.3.
An authenticated remote attacker can supply a crafted mac value to execute arbitrary commands on the device. Because the attack requires only low-privileged credentials and no user interaction, an adversary who obtains or guesses valid administrative credentials can achieve limited control over the router’s configuration and runtime environment. A public proof-of-concept has been released, confirming the vector.
No vendor patch or mitigation guidance has been issued; the manufacturer did not respond to disclosure. The associated EPSS score has remained flat at 0.0591 since publication, indicating no measurable increase in observed exploitation interest.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2024-31617
Vulnerability details
A vulnerability has been found in Tenda FH1205 2.0.0.7(775) and classified as critical. Affected by this vulnerability is the function formWriteFacMac of the file /goform/WriteFacMac. The manipulation of the argument mac leads to command injection. The attack can be launched…
more
remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-258295. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
- CWE(s)
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
Mitigating Controls
No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.