Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Tenda HG10 Boa Webserver formSamba command injection
Vulnerability Description
A weakness has been identified in Tenda HG10 US_HG7_HG9_HG10re_300001138_en_xpon. Impacted is an unknown function of the file /boaform/formSamba of the component Boa Webserver. Executing a manipulation of the argument serverString can lead to command injection. It is possible to launch the attack remotely. The exploit has been made available to the public and could be used for attacks.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Vulnerability Type
在命令中使用的特殊元素转义处理不恰当(命令注入)
Vulnerability Title
Tenda HG10 命令注入漏洞
Vulnerability Description
Tenda HG10是中国腾达(Tenda)公司的一个光猫路由器。 Tenda HG10 US_HG7_HG9_HG10re_300001138_en_xpon存在命令注入漏洞,该漏洞源于Boa Webserver组件中/boaform/formSamba文件的未知函数对参数serverString的操作导致命令注入,可能导致远程命令执行。
CVSS Information
N/A
Vulnerability Type
N/A