A vulnerability classified as critical has been found in Tenda O3V2 up to 1.0.0.12. Affected is an unknown function of the file /goform/getTraceroute. The manipulation of the argument dest leads to command injection.

This vulnerability is traded as CVE-2024-34338. It is possible to launch the attack remotely. There is no exploit available.