CVE-2024-30645 is a command injection vulnerability identified in the Tenda AC15V1.0 router firmware version V15.03.20_multi. The vulnerability arises from improper sanitization of the deviceName parameter, which is used in system commands. An attacker with low privileges and network access can inject arbitrary shell commands through this parameter, leading to remote code execution on the device. The vulnerability is classified under CWE-78 (Improper Neutralization of Special Elements used in an OS Command). The CVSS v3.1 score is 8.0, indicating high severity, with attack vector being adjacent network (AV:A), low attack complexity (AC:L), requiring low privileges (PR:L), no user interaction (UI:N), and impacting confidentiality, integrity, and availability (C:H/I:H/A:H). Although no public exploits or patches are currently available, the flaw allows attackers to fully compromise the router, potentially intercepting or manipulating network traffic, deploying malware, or disrupting network services. The vulnerability affects a widely deployed consumer-grade router model, which is often used in home and small office environments, increasing the risk of exploitation in less-secure network segments.

The impact of CVE-2024-30645 is significant for organizations and individuals relying on Tenda AC15 routers. Successful exploitation can lead to full device compromise, allowing attackers to execute arbitrary commands with system-level privileges. This can result in interception of sensitive data, network traffic manipulation, creation of persistent backdoors, disruption of network availability, and lateral movement within the network. Given the router's role as a gateway device, attackers can leverage this vulnerability to pivot into internal networks, compromising additional systems. The lack of authentication barriers and no requirement for user interaction lowers the barrier for exploitation, especially in environments where the attacker has adjacent network access, such as compromised Wi-Fi or LAN segments. This vulnerability poses a critical risk to confidentiality, integrity, and availability of network communications and connected devices.

To mitigate CVE-2024-30645, organizations should immediately restrict network access to the Tenda AC15 routers by segmenting them from untrusted or guest networks and limiting management interfaces to trusted administrators only. Disable remote management features if enabled. Monitor network traffic for unusual command injection attempts or unexpected device behavior. Employ network intrusion detection systems (NIDS) with signatures targeting command injection patterns. Since no official patches are currently available, consider replacing vulnerable devices with models from vendors that provide timely security updates. Additionally, enforce strong network access controls and use VPNs or secure tunnels for remote management. Regularly audit router configurations and firmware versions to detect unauthorized changes. Engage with Tenda support channels to obtain information on forthcoming patches and apply them promptly once released.