Tenda FH1206 V1.2.0.8(8155) was discovered to contain a command injection vulnerability via the cmdinput parameter at ip/goform/formexeCommand.
[
{
"cpes": [
"cpe:2.3:o:tenda:fh1206_firmware:1.2.0.8\\(8155\\):*:*:*:*:*:*:*"
],
"vendor": "tenda",
"product": "fh1206_firmware",
"versions": [
{
"status": "affected",
"version": "1.2.0.8(8155)"
}
],
"defaultStatus": "unknown"
}
]