CVE-2022-28572

Tenda AX1806 v1.0.0.1 was discovered to contain a command injection vulnerability in `SetIPv6Status` function
References
Link Resource
https://github.com/F0und-icu/TempName/tree/main/TendaAX18 Exploit Third Party Advisory
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:tenda:ax1806_firmware:1.0.0.1:*:*:*:*:*:*:*
cpe:2.3:h:tenda:ax1806:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:tenda:ax1803_firmware:1.0.0.1:*:*:*:*:*:*:*
cpe:2.3:h:tenda:ax1803:-:*:*:*:*:*:*:*

Information

Published : 2022-05-02 06:15

Updated : 2022-08-05 20:19


NVD link : CVE-2022-28572

Mitre link : CVE-2022-28572


JSON object : View

CWE
CWE-77

Improper Neutralization of Special Elements used in a Command ('Command Injection')

Advertisement

dedicated server usa

Products Affected

tenda

  • ax1803_firmware
  • ax1806_firmware
  • ax1803
  • ax1806