exploitDog

GHSA-w8p2-8xpf-2498

Опубликовано: 13 авг. 2022

Источник: github

Github: Не прошло ревью

CVSS3: 9.8

Описание

A command injection vulnerability exists in /goform/exeCommand in Tenda W6 V1.0.0.9(4122), which allows attackers to construct cmdinput parameters for arbitrary command execution.

A command injection vulnerability exists in /goform/exeCommand in Tenda W6 V1.0.0.9(4122), which allows attackers to construct cmdinput parameters for arbitrary command execution.

Ссылки

EPSS

Процентиль: 92%

0.0788

Низкий

9.8 Critical

CVSS3

CVE ID

Дефекты

CWE-77

Связанные уязвимости

CVE-2022-35555

CVSS3: 9.8

nvd

больше 3 лет назад

A command injection vulnerability exists in /goform/exeCommand in Tenda W6 V1.0.0.9(4122), which allows attackers to construct cmdinput parameters for arbitrary command execution.

EPSS

Процентиль: 92%

0.0788

Низкий

9.8 Critical

CVSS3

CVE ID

Дефекты

CWE-77