| Название | Tenda HG3 N300 Wi-Fi xPON ONT HARD_VERSION=V2.0 , Version: 300003070 Remote code execution |
|---|
| Описание | A remote code execution vulnerability exists in Tenda-HG3 series IoT devices. This security flaw is caused by the lack of effective parameter filtering and input validation mechanisms, where the device does not properly filter and restrict externally input parameters, resulting in unauthorized command concatenation risks. Malicious attackers can exploit this vulnerability to gain unauthorized access to the device's internal system interfaces, and further execute arbitrary code on the target IoT device, which may lead to the device being controlled, abnormal operation, and other serious security threats. |
|---|
| Источник | ⚠️ https://www.notion.so/33e0c75766a880488924cf24523acf6c |
|---|
| Пользователь | 2er00ne (UID 91682) |
|---|
| Представление | 10.04.2026 14:34 (2 месяцы назад) |
|---|
| Модерация | 26.04.2026 22:17 (16 days later) |
|---|
| Статус | принято |
|---|
| Запись VulDB | 359759 [Tenda HG3 2.0 /boaform/formTracert datasize эскалация привилегий] |
|---|
| Баллы | 17 |
|---|