6 matches found
CVE-2022-45506
Tenda W30E v1.0.1.25633 was discovered to contain a command injection vulnerability via the fileNameMit parameter at /goform/delFileName...
CVE-2022-45506
Tenda W30E v1.0.1.25633 was discovered to contain a command injection vulnerability via the fileNameMit parameter at /goform/delFileName...
Command injection
Tenda W30E v1.0.1.25633 was discovered to contain a command injection vulnerability via the fileNameMit parameter at /goform/delFileName...
CVE-2022-45506
Tenda W30E v1.0.1.25633 was discovered to contain a command injection vulnerability via the fileNameMit parameter at /goform/delFileName...
CVE-2022-45506
Tenda W30E v1.0.1.25633 was discovered to contain a command injection vulnerability via the fileNameMit parameter at /goform/delFileName...
CVE-2022-45506
The CVE-2022-45506 issue affects Tenda W30E firmware version 1.0.1.25(633). Vulnerable component/file: the API endpoint /goform/delFileName, via the fileNameMit parameter, enabling command injection. CVSSv3.1 metrics show a base score of 9.8 (CRITICAL) with Network attack vector, Low attack compl...