CVE-2022-40100

Tenda i9 v1.0.0.8(3828) was discovered to contain a command injection vulnerability via the FormexeCommand function.
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:tenda:i9_firmware:1.0.0.8\(3828\):*:*:*:*:*:*:*
cpe:2.3:h:tenda:i9:-:*:*:*:*:*:*:*

History

21 Nov 2024, 07:20

Type Values Removed Values Added
References () https://github.com/splashsc/IOT_Vulnerability_Discovery/blob/main/Tenda/Tenda_i9/Command_Injection_formexeCommand.md - Broken Link () https://github.com/splashsc/IOT_Vulnerability_Discovery/blob/main/Tenda/Tenda_i9/Command_Injection_formexeCommand.md - Broken Link

Information

Published : 2022-09-23 19:15

Updated : 2024-11-21 07:20


NVD link : CVE-2022-40100

Mitre link : CVE-2022-40100

CVE.ORG link : CVE-2022-40100


JSON object : View

Products Affected

tenda

  • i9
  • i9_firmware
CWE
CWE-77

Improper Neutralization of Special Elements used in a Command ('Command Injection')