CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2022-24168

Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contain a command injection vulnerability in the function formSetIpGroup. This vulnerability allows attackers to execute arbitrary commands via the IPGroupStartIP and IPGroupEndIP parameters.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.045

EPSS Ranking 88.6%

CVSS Severity

CVSS v3 Score 9.8

CVSS v2 Score 7.5

References

https://github.com/pjqwudi/my_vuln/blob/main/Tenda/vuln_37/37.md
https://github.com/pjqwudi/my_vuln/blob/main/Tenda/vuln_37/37.md

Products affected by CVE-2022-24168

Tendacn » G1 » Version: N/A

cpe:2.3:h:tendacn:g1:-
Tendacn » G3 » Version: N/A

cpe:2.3:h:tendacn:g3:-
Tendacn » G1 Firmware » Version: 15.11.0.17(9502)_cn

cpe:2.3:o:tendacn:g1_firmware:15.11.0.17(9502)_cn
Tendacn » G3 Firmware » Version: 15.11.0.17(9502)_cn

cpe:2.3:o:tendacn:g3_firmware:15.11.0.17(9502)_cn

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2022-24168

Products

Pricing

Contact Us