Security Advisory
CVE-2022-24144
CVE vulnerability detail — eXtreme Datacenter Security Operations
Description
Tenda AX3 v16.03.12.10_CN was discovered to contain a command injection vulnerability in the function WanParameterSetting. This vulnerability allows attackers to execute arbitrary commands via the gateway, dns1, and dns2 parameters.