VAR-202206-0251
Vulnerability from variot - Updated: 2023-12-18 13:00Tenda Technology Co.,Ltd HG6 3.3.0-210926 was discovered to contain a command injection vulnerability via the pingAddr and traceAddr parameters. This vulnerability is exploited via a crafted POST request. Shenzhen Tenda Technology Co.,Ltd. of hg6 The firmware has OS A command injection vulnerability exists.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. An attacker could exploit this vulnerability to cause arbitrary command execution. HG6 provides 4 LAN ports(1GE,3FE),a voice port to meet users' requirements for enjoying the Internet,HD IPTV and VoIP multi-service applications.The application suffers from an authenticated OS command injectionvulnerability. This can be exploited to inject and execute arbitraryshell commands through the 'pingAddr' and 'traceAddr' HTTP POST parametersin formPing, formPing6, formTracert and formTracert6 interfaces.Tested on: Boa/0.93.15
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202206-0251",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "hg6",
"scope": "eq",
"trust": 1.6,
"vendor": "tenda",
"version": "3.3.0-210926"
},
{
"model": "hg6",
"scope": null,
"trust": 0.8,
"vendor": "tenda",
"version": null
},
{
"model": "hg6",
"scope": "eq",
"trust": 0.8,
"vendor": "tenda",
"version": null
},
{
"model": "hg6",
"scope": "eq",
"trust": 0.8,
"vendor": "tenda",
"version": "hg6 firmware 3.3.0-210926"
},
{
"model": "hg6 v",
"scope": "eq",
"trust": 0.1,
"vendor": "tenda",
"version": "firmware version: 3.3.0-210926"
},
{
"model": "hg6 v",
"scope": "eq",
"trust": 0.1,
"vendor": "tenda",
"version": "software version: v1.1.0"
},
{
"model": "hg6 v",
"scope": "eq",
"trust": 0.1,
"vendor": "tenda",
"version": "hardware version: v1.0"
},
{
"model": "hg6 v",
"scope": "eq",
"trust": 0.1,
"vendor": "tenda",
"version": "check version: td_hg6_xpon_tde_isp"
}
],
"sources": [
{
"db": "ZSL",
"id": "ZSL-2022-5706"
},
{
"db": "CNVD",
"id": "CNVD-2022-46164"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-010486"
},
{
"db": "NVD",
"id": "CVE-2022-30425"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:tenda:hg6_firmware:3.3.0-210926:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:tenda:hg6:1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2022-30425"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Vulnerability discovered by Gjoko Krstic",
"sources": [
{
"db": "ZSL",
"id": "ZSL-2022-5706"
}
],
"trust": 0.1
},
"cve": "CVE-2022-30425",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.0,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "Single",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 9.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2022-30425",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.0,
"id": "CNVD-2022-46164",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 8.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2022-30425",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2022-30425",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2022-46164",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-202206-249",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "ZSL",
"id": "ZSL-2022-5706",
"trust": 0.1,
"value": "(4/5)"
}
]
}
],
"sources": [
{
"db": "ZSL",
"id": "ZSL-2022-5706"
},
{
"db": "CNVD",
"id": "CNVD-2022-46164"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-010486"
},
{
"db": "NVD",
"id": "CVE-2022-30425"
},
{
"db": "CNNVD",
"id": "CNNVD-202206-249"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Tenda Technology Co.,Ltd HG6 3.3.0-210926 was discovered to contain a command injection vulnerability via the pingAddr and traceAddr parameters. This vulnerability is exploited via a crafted POST request. Shenzhen Tenda Technology Co.,Ltd. of hg6 The firmware has OS A command injection vulnerability exists.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. An attacker could exploit this vulnerability to cause arbitrary command execution. HG6 provides 4 LAN ports(1*GE,3*FE),a voice port to meet users\u0027 requirements for enjoying the Internet,HD IPTV and VoIP multi-service applications.The application suffers from an authenticated OS command injectionvulnerability. This can be exploited to inject and execute arbitraryshell commands through the \u0027pingAddr\u0027 and \u0027traceAddr\u0027 HTTP POST parametersin formPing, formPing6, formTracert and formTracert6 interfaces.Tested on: Boa/0.93.15",
"sources": [
{
"db": "NVD",
"id": "CVE-2022-30425"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-010486"
},
{
"db": "CNVD",
"id": "CNVD-2022-46164"
},
{
"db": "ZSL",
"id": "ZSL-2022-5706"
},
{
"db": "VULMON",
"id": "CVE-2022-30425"
}
],
"trust": 2.34
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.zeroscience.mk/codes/tenda_hg6_cmdinj.txt",
"trust": 0.1,
"type": "poc"
}
],
"sources": [
{
"db": "ZSL",
"id": "ZSL-2022-5706"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2022-30425",
"trust": 4.0
},
{
"db": "ZSL",
"id": "ZSL-2022-5706",
"trust": 3.3
},
{
"db": "JVNDB",
"id": "JVNDB-2022-010486",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2022-46164",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202206-249",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "166932",
"trust": 0.1
},
{
"db": "CXSECURITY",
"id": "WLB-2022050009",
"trust": 0.1
},
{
"db": "EXPLOIT-DB",
"id": "50916",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2022-30425",
"trust": 0.1
}
],
"sources": [
{
"db": "ZSL",
"id": "ZSL-2022-5706"
},
{
"db": "CNVD",
"id": "CNVD-2022-46164"
},
{
"db": "VULMON",
"id": "CVE-2022-30425"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-010486"
},
{
"db": "NVD",
"id": "CVE-2022-30425"
},
{
"db": "CNNVD",
"id": "CNNVD-202206-249"
}
]
},
"id": "VAR-202206-0251",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-46164"
}
],
"trust": 1.35
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-46164"
}
]
},
"last_update_date": "2023-12-18T13:00:47.291000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Patch for Tenda HG6 Command Injection Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/336476"
},
{
"title": "Tenda HG6 Fixes for operating system command injection vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=195732"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-46164"
},
{
"db": "CNNVD",
"id": "CNNVD-202206-249"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-78",
"trust": 1.0
},
{
"problemtype": "OS Command injection (CWE-78) [NVD evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2022-010486"
},
{
"db": "NVD",
"id": "CVE-2022-30425"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.1,
"url": "https://www.zeroscience.mk/en/vulnerabilities/zsl-2022-5706.php"
},
{
"trust": 2.5,
"url": "https://www.tendacn.com/"
},
{
"trust": 2.5,
"url": "https://www.tendacn.com/product/hg6.html"
},
{
"trust": 0.9,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-30425"
},
{
"trust": 0.6,
"url": "https://cxsecurity.com/cveshow/cve-2022-30425/"
},
{
"trust": 0.1,
"url": "https://packetstormsecurity.com/files/166932/tenda-hg6-3.3.0-remote-command-injection.html"
},
{
"trust": 0.1,
"url": "https://cxsecurity.com/issue/wlb-2022050009"
},
{
"trust": 0.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/225715"
},
{
"trust": 0.1,
"url": "https://sploitus.com/exploit?id=zsl-2022-5706"
},
{
"trust": 0.1,
"url": "https://www.exploit-db.com/exploits/50916"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2022-30425"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "ZSL",
"id": "ZSL-2022-5706"
},
{
"db": "CNVD",
"id": "CNVD-2022-46164"
},
{
"db": "VULMON",
"id": "CVE-2022-30425"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-010486"
},
{
"db": "NVD",
"id": "CVE-2022-30425"
},
{
"db": "CNNVD",
"id": "CNNVD-202206-249"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZSL",
"id": "ZSL-2022-5706"
},
{
"db": "CNVD",
"id": "CNVD-2022-46164"
},
{
"db": "VULMON",
"id": "CVE-2022-30425"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-010486"
},
{
"db": "NVD",
"id": "CVE-2022-30425"
},
{
"db": "CNNVD",
"id": "CNNVD-202206-249"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-05-03T00:00:00",
"db": "ZSL",
"id": "ZSL-2022-5706"
},
{
"date": "2022-06-17T00:00:00",
"db": "CNVD",
"id": "CNVD-2022-46164"
},
{
"date": "2022-06-02T00:00:00",
"db": "VULMON",
"id": "CVE-2022-30425"
},
{
"date": "2023-08-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2022-010486"
},
{
"date": "2022-06-02T14:15:52.903000",
"db": "NVD",
"id": "CVE-2022-30425"
},
{
"date": "2022-06-02T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202206-249"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-05-29T00:00:00",
"db": "ZSL",
"id": "ZSL-2022-5706"
},
{
"date": "2022-06-17T00:00:00",
"db": "CNVD",
"id": "CNVD-2022-46164"
},
{
"date": "2022-06-02T00:00:00",
"db": "VULMON",
"id": "CVE-2022-30425"
},
{
"date": "2023-08-15T08:10:00",
"db": "JVNDB",
"id": "JVNDB-2022-010486"
},
{
"date": "2022-06-10T02:49:26.770000",
"db": "NVD",
"id": "CVE-2022-30425"
},
{
"date": "2022-06-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202206-249"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202206-249"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Shenzhen\u00a0Tenda\u00a0Technology\u00a0Co.,Ltd.\u00a0 of \u00a0hg6\u00a0 in the firmware \u00a0OS\u00a0 Command injection vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2022-010486"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "operating system commend injection",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202206-249"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…