First published: Thu Dec 08 2022(Updated: )
Tenda W6-S v1.0.0.4(510) was discovered to contain a command injection vulnerability in the tpi_get_ping_output function at /goform/exeCommand.
Credit: cve@mitre.org cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
=1.0.0.4\(510\) | ||
All of | ||
Tenda W6-s Firmware | =1.0.0.4\(510\) | |
Tenda W6-S |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The severity of CVE-2022-45497 is 9.8 (Critical).
The tpi_get_ping_output function at /goform/exeCommand is vulnerable to command injection in CVE-2022-45497.
You can check if your Tenda W6-S firmware version 1.0.0.4(510) is affected by CVE-2022-45497 by verifying the presence of the vulnerability in the tpi_get_ping_output function at /goform/exeCommand.