Multiple Command Injection Vulnerabilities in Tenda AC1200 Router Model W15Ev2 V15.11.0.10(1576)

Multiple Command Injection Vulnerabilities in Tenda AC1200 Router Model W15Ev2 V15.11.0.10(1576)

CVE-2022-41396 · HIGH Severity

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Tenda AC1200 Router Model W15Ev2 V15.11.0.10(1576) was discovered to contain multiple command injection vulnerabilities in the function setIPsecTunnelList via the IPsecLocalNet and IPsecRemoteNet parameters.

Learn more about our Web Application Penetration Testing UK.