| 标题 | Tenda HG3 N300 Wi-Fi xPON ONT HARD_VERSION=V2.0 , Version: 300003070 Remote code execution |
|---|
| 描述 | A remote code execution vulnerability exists in Tenda-HG3 series IoT devices. This security flaw is caused by the lack of effective parameter filtering and input validation mechanisms, where the device does not properly filter and restrict externally input parameters, resulting in unauthorized command concatenation risks. Malicious attackers can exploit this vulnerability to gain unauthorized access to the device's internal system interfaces, and further execute arbitrary code on the target IoT device, which may lead to the device being controlled, abnormal operation, and other serious security threats. |
|---|
| 来源 | ⚠️ https://www.notion.so/33e0c75766a880488924cf24523acf6c |
|---|
| 用户 | 2er00ne (UID 91682) |
|---|
| 提交 | 2026-04-10 14時34分 (2 月前) |
|---|
| 管理 | 2026-04-26 22時17分 (16 days later) |
|---|
| 状态 | 已接受 |
|---|
| VulDB条目 | 359759 [Tenda HG3 2.0 /boaform/formTracert datasize 权限提升] |
|---|
| 积分 | 17 |
|---|