2 matches found
Tenda AX3 Router Command Injection (CVE-2022-24148; CVE-2022-24150)
A command injection vulnerability exists in Tenda AX3 router. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...
CVE-2022-24148
The CVE-2022-24148 entry concerns Tenda AX3 router (v16.03.12.10_CN). A command injection exists in the mDMZSetCfg function, exploitable via the dmzIp parameter, allowing an attacker to execute arbitrary commands. Multiple sources describe remote, unauthenticated threat enabling high-impact outco...