CVE-2022-35555

A command injection vulnerability exists in /goform/exeCommand in Tenda W6 V1.0.0.9(4122), which allows attackers to construct cmdinput parameters for arbitrary command execution.
References
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:tenda:w6_firmware:1.0.0.9\(4122\):*:*:*:*:*:*:*
cpe:2.3:h:tenda:w6:-:*:*:*:*:*:*:*

Information

Published : 2022-08-12 08:15

Updated : 2022-08-16 07:49


NVD link : CVE-2022-35555

Mitre link : CVE-2022-35555


JSON object : View

CWE
CWE-77

Improper Neutralization of Special Elements used in a Command ('Command Injection')

Advertisement

dedicated server usa

Products Affected

tenda

  • w6
  • w6_firmware