2 matches found
Tenda Routers Command Injection (CVE-2022-24170; CVE-2022-24171; CVE-2022-28572; CVE-2022-34595; CVE-2022-34596; CVE-2022-34597)
A command injection vulnerability exists in Tenda Routers. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...
CVE-2022-24171
The CVE-2022-24171 entry concerns Tenda routers G1 and G3 (version 15.11.0.17(9502)_CN). A command injection vulnerability exists in the formSetPppoeServer function, allowing an attacker to execute arbitrary commands via the pppoeServerIP, pppoeServerStartIP, and pppoeServerEndIP parameters. Docu...