1 results (0.001 seconds)
CVSS: 8.3EPSS: 0%CPEs: 2EXPL: 1
CVSS: 8.3EPSS: 0%CPEs: 2EXPL: 1CVE-2023-6304 – Tecno 4G Portable WiFi TR118 Ping Tool goform_get_cmd_process os command injection
https://notcve.org/view.php?id=CVE-2023-6304
A vulnerability was found in Tecno 4G Portable WiFi TR118 TR118-M30E-RR-D-EnFrArSwHaPo-OP-V008-20220830. It has been declared as critical. This vulnerability affects unknown code of the file /goform/goform_get_cmd_process of the component Ping Tool. The manipulation of the argument url leads to os command injection. The attack can be initiated remotely. • https://drive.google.com/file/d/1DUSlAxTbNLBdv1aLUAn-tDMu6Z1rHYH8/view https://vuldb.com/?ctiid.246130 https://vuldb.com/?id.246130 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •