漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
N/A
Vulnerability Description
Lack of input validation/sanitization in the 'setLanCfg' API endpoint in httpd in the Tenda RX2 Pro 16.03.30.14 allows a remote attacker that is authorized to the web management portal to gain root shell access to the device by sending a crafted web request. This is persistent because the command injection is saved in the configuration of the device.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Tenda RX2 Pro 安全漏洞
Vulnerability Description
Tenda RX2 Pro是中国腾达(Tenda)公司的一款高性能WiFi 6信号放大器。 Tenda RX2 Pro 16.03.30.14版本存在安全漏洞,该漏洞源于setLanCfg API端点缺少输入验证,可能导致远程攻击者获取root shell访问权限。
CVSS Information
N/A
Vulnerability Type
N/A