CVE-2022-41396

Description

Tenda AC1200 Router Model W15Ev2 V15.11.0.10(1576) was discovered to contain multiple command injection vulnerabilities in the function setIPsecTunnelList via the IPsecLocalNet and IPsecRemoteNet parameters.

Related CPE's

otendaac1200_v-w15ev2_firmware15.11.0.10\(1576\)*******

htendaac1200_v-w15ev2-*******

References

https://boschko.ca/tenda_ac1200_router

ExploitTechnical DescriptionThird Party Advisory

https://boschko.ca/tenda_ac1200_router/

CvssV3 impact

Could not find any metrics

CvssV2 impact

Could not find any metrics
Created by Yello
About Severity.io