VYPR
Unrated severityNVD Advisory· Published Feb 4, 2022· Updated Aug 3, 2024

CVE-2022-24170

CVE-2022-24170

Description

Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contain a command injection vulnerability in the function formSetIpSecTunnel. This vulnerability allows attackers to execute arbitrary commands via the IPsecLocalNet and IPsecRemoteNet parameters.

Affected products

3

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.