3 matches found
CVE-2022-30425
Tenda Technology Co.,Ltd HG6 3.3.0-210926 was discovered to contain a command injection vulnerability via the pingAddr and traceAddr parameters. This vulnerability is exploited via a crafted POST request...
CVE-2022-30425
Affected product : Tenda HG6 router (firmware/software version 3.3.0-210926, HG6). Vulnerability : OS command injection via HTTP POST parameters in the formPing/formPing6 and formTracert/formTracert6, exploiting unfiltered input in the pingAddr and traceAddr fields. Root cause : failure to proper...
Tenda HG6 v3.3.0 Remote Command Injection Vulnerability
Summary HG6 is an intelligent routing passive optical network terminal in Tenda FTTH solution. HG6 provides 4 LAN ports1GE,3FE, a voice port to meet users' requirements for enjoying the Internet, HD IPTV and VoIP multi-service applications. Description The application suffers from an authenticate...