1 results (0.014 seconds)

CVSS: 6.5EPSS: 3%CPEs: 24EXPL: 1

A vulnerability classified as critical was found in Tenda AC1206 up to 15.03.06.23. This vulnerability affects the function ate_iwpriv_set/ate_ifconfig_set of the file /goform/ate. The manipulation leads to command injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. • https://github.com/ixout/iotVuls/blob/main/Tenda/ac1206_003/report.md https://github.com/ixout/iotVuls/blob/main/Tenda/ac1206_004/report.md https://vuldb.com/?ctiid.279946 https://vuldb.com/?id.279946 https://vuldb.com/?submit.418061 https://www.tenda.com.cn • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •