Command Injection Vulnerability in Tenda AC1200 Router Model W15Ev2 V15.11.0.10(1576)

CVE-2022-40847 · HIGH Severity

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

In Tenda AC1200 Router model W15Ev2 V15.11.0.10(1576), there exists a command injection vulnerability in the function formSetFixTools. This vulnerability allows attackers to run arbitrary commands on the server via the hostname parameter.

Learn more about our Cis Benchmark Audit For Server Software.