6 matches found
CVE-2022-30425
Tenda Technology Co.,Ltd HG6 3.3.0-210926 was discovered to contain a command injection vulnerability via the pingAddr and traceAddr parameters. This vulnerability is exploited via a crafted POST request...
Command injection
Tenda Technology Co.,Ltd HG6 3.3.0-210926 was discovered to contain a command injection vulnerability via the pingAddr and traceAddr parameters. This vulnerability is exploited via a crafted POST request...
Tenda HG6 操作系统命令注入漏洞
Tenda HG6 is an intelligent routing passive optical network terminal from Tenda, China.A command injection vulnerability exists in Tenda HG6, which stems from the failure of the pingAddr and traceAddr parameters to properly filter the construction of command special characters, commands, etc. An...
CVE-2022-30425
Affected product : Tenda HG6 router (firmware/software version 3.3.0-210926, HG6). Vulnerability : OS command injection via HTTP POST parameters in the formPing/formPing6 and formTracert/formTracert6, exploiting unfiltered input in the pingAddr and traceAddr fields. Root cause : failure to proper...
CVE-2022-30425
Tenda Technology Co.,Ltd HG6 3.3.0-210926 was discovered to contain a command injection vulnerability via the pingAddr and traceAddr parameters. This vulnerability is exploited via a crafted POST request...
Tenda HG6 3.3.0 Remote Command Injection Vulnerability
Tenda HG6 version 3.3.0 suffers from a remote command injection vulnerability. It can be exploited to inject and execute arbitrary shell commands through the pingAddr and traceAddr HTTP POST parameters in formPing, formPing6, formTracert and formTracert6 interfaces. Tenda HG6 v3.3.0 Remote Comman...