Lucene search
MitreCVE-2022-41396HistoryNov 15, 2022 - 3:15 a.m.
CVE-2022-41396
2022-11-1503:15:15
CWE-78
mitre
web.nvd.nist.gov
29
7
cve-2022-41396
tenda
ac1200 router
command injection
ipsec
security vulnerability
CVSS3
7.8
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS
0.001
Percentile
36.6%
Tenda AC1200 Router Model W15Ev2 V15.11.0.10(1576) was discovered to contain multiple command injection vulnerabilities in the function setIPsecTunnelList via the IPsecLocalNet and IPsecRemoteNet parameters.
Affected configurations
Node
tendaw15eMatch2.0
tendaw15e_firmwareMatch15.11.0.10\(1576\)
| Vendor | Product | Version | CPE |
|---|---|---|---|
| tenda | w15e | 2.0 | cpe:2.3:h:tenda:w15e:2.0:*:*:*:*:*:*:* |
| tenda | w15e_firmware | 15.11.0.10(1576) | cpe:2.3:o:tenda:w15e_firmware:15.11.0.10\(1576\):*:*:*:*:*:*:* |
Social References
More
Related
cvelist
cvelist
CVE-2022-41396
2022-11-15 00:00:00
nvd
nvd
CVE-2022-41396
2022-11-15 03:15:15
cnvd
cnvd
Tenda AC1200 Command Injection Vulnerability
2022-11-21 00:00:00
prion
prion
Command injection
2022-11-15 03:15:00
CVSS3
7.8
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS
0.001
Percentile
36.6%
Related for CVE-2022-41396