Medium severity4.7NVD Advisory· Published Oct 20, 2024· Updated Jun 17, 2026
CVE-2024-10195
CVE-2024-10195
Description
A vulnerability was found in Tecno 4G Portable WiFi TR118 V008-20220830. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /goform/goform_get_cmd_process of the component SMS Check. The manipulation of the argument order_by leads to sql injection. The attack can be launched remotely. The vendor was contacted early about this disclosure but did not respond in any way.
Affected products
2V008-20220830+ 1 more
- (no CPE)range: V008-20220830
- (no CPE)range: V008-20220830
Patches
Vulnerability mechanics
References
4- vuldb.comnvdThird Party Advisory
- asciinema.org/a/2mwkmDqRZfeAYTu5hHre1r4QBnvdBroken Link
- vuldb.comnvdPermissions Required
- vuldb.comnvdPermissions Required
News mentions
0No linked articles in our index yet.