Home / exploitsPDF  

Tenda HG6 3.3.0 Remote Command Injection

Posted on 03 May 2022

Tenda HG6 version 3.3.0 suffers from a remote command injection vulnerability. It can be exploited to inject and execute arbitrary shell commands through the pingAddr and traceAddr HTTP POST parameters in formPing, formPing6, formTracert and formTracert6 interfaces.

 

TOP