CVE-2022-32054: OS Command Injection
First published: Thu Jul 07 2022(Updated: )
Tenda AC10 US_AC10V1.0RTL_V15.03.06.26_multi_TD01 was discovered to contain a remote code execution (RCE) vulnerability via the lanIp parameter.
Credit: cve@mitre.org cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Tenda Ac10 Firmware | =15.03.06.26 | |
| Tenda AC10 | =1.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is CVE-2022-32054?
CVE-2022-32054 is a remote code execution (RCE) vulnerability found in Tenda AC10 US_AC10V1.0RTL_V15.03.06.26_multi_TD01 firmware.
How severe is CVE-2022-32054?
CVE-2022-32054 has a severity rating of 9.8, which is classified as critical.
How does CVE-2022-32054 work?
CVE-2022-32054 allows attackers to execute remote code by exploiting the 'lanIp' parameter in Tenda AC10 firmware.
Is Tenda AC10 firmware version 15.03.06.26 vulnerable?
Yes, Tenda AC10 firmware version 15.03.06.26 is vulnerable to CVE-2022-32054.
How can I fix CVE-2022-32054?
To fix CVE-2022-32054, update Tenda AC10 firmware to a version that is not affected.
- agent/type
- agent/author
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- collector/nvd-index
- agent/software-canonical-lookup-request
- collector/nvd-api
- agent/references
- agent/severity
- agent/remedy
- agent/weakness
- agent/tags
- agent/description
- agent/event
- collector/mitre-cve
- source/MITRE
- vendor/tenda
- canonical/tenda ac10 firmware
- version/tenda ac10 firmware/15.03.06.26
- canonical/tenda ac10
- version/tenda ac10/1.0