exploitDog

GHSA-hrqw-h4fg-w3j3

Опубликовано: 05 мая 2022

Источник: github

Github: Не прошло ревью

CVSS3: 9.8

Описание

There is a command injection vulnerability at the /goform/setsambacfg interface of Tenda AC15 US_AC15V1.0BR_V15.03.05.20_multi_TDE01.bin device web, which can also cooperate with CVE-2021-44971 to cause unconditional arbitrary command execution

There is a command injection vulnerability at the /goform/setsambacfg interface of Tenda AC15 US_AC15V1.0BR_V15.03.05.20_multi_TDE01.bin device web, which can also cooperate with CVE-2021-44971 to cause unconditional arbitrary command execution

Ссылки

EPSS

Процентиль: 95%

0.16013

Средний

9.8 Critical

CVSS3

CVE ID

Дефекты

CWE-77

Связанные уязвимости

CVE-2022-28557

CVSS3: 9.8

nvd

почти 4 года назад

There is a command injection vulnerability at the /goform/setsambacfg interface of Tenda AC15 US_AC15V1.0BR_V15.03.05.20_multi_TDE01.bin device web, which can also cooperate with CVE-2021-44971 to cause unconditional arbitrary command execution

EPSS

Процентиль: 95%

0.16013

Средний

9.8 Critical

CVSS3

CVE ID

Дефекты

CWE-77