3 matches found
CVE-2022-26536
Tenda M3 1.10 V1.0.0.124856 was discovered to contain a command injection vulnerability via the component /goform/setFixTools...
CVE-2022-26536
CVE-2022-26536 affects Tenda M3 firmware version 1.10 V1.0.0.12(4856) and is caused by a command injection vulnerability in the /goform/setFixTools API endpoint. The Red Hat and CNVD entries confirm a remote command execution risk, with no public exploitation details provided in the documents. Th...
Command Injection Over HTTP (CVE-2019-9166; CVE-2021-43936; CVE-2022-1813; CVE-2022-24086; CVE-2022-24193; CVE-2022-26536; CVE-2022-32092; CVE-2022-37810; CVE-2022-40048)
A command Injection over HTTP vulnerability has been reported. A remote attacker can exploit this issue by sending a specially crafted request to the victim. Successful exploitation would allow an attacker to execute arbitrary code on the target machine...