2 matches found
CVE-2022-37810
Summary: CVE-2022-37810 affects Tenda AC1206 devices (firmware v15.03.06.23). The issue is a command injection via the mac parameter in the function formWriteFacMac due to insufficient input sanitization, enabling remote command execution. Impact: As per the sources, this vulnerability can lead t...
Command Injection Over HTTP (CVE-2019-9166; CVE-2021-43936; CVE-2022-1813; CVE-2022-24086; CVE-2022-24193; CVE-2022-26536; CVE-2022-32092; CVE-2022-37810; CVE-2022-40048)
A command Injection over HTTP vulnerability has been reported. A remote attacker can exploit this issue by sending a specially crafted request to the victim. Successful exploitation would allow an attacker to execute arbitrary code on the target machine...