⚠ Exploited in the wild
Exploitation observed in the wild. Not yet on CISA KEV.

CVE-2022-30023

CWE-78OS Command InjectionCWE-77Command Injection7 documents6 sources
Severity
8.8HIGH
EPSS
29.9%
top 3.36%
CISA KEV
Not in KEV
Exploit
Exploited in wild
Active exploitation observed
Affected products
1
Tenda HG9 Firmware
Timeline
PublishedJun 16
Latest updateNov 7

Description

Tenda ONT GPON AC1200 Dual band WiFi HG9 v1.0.1 is vulnerable to Command Injection via the Ping function.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 2.8 | Impact: 5.9

Affected Packages1 packages

🔴Vulnerability Details

3
GHSA
GHSA-874f-56vm-px9w: Tenda ONT GPON AC1200 Dual band WiFi HG9 v12022-06-17
CVEList
CVE-2022-30023: Tenda ONT GPON AC1200 Dual band WiFi HG9 v12022-06-16
VulnCheck
Tenda hg9_firmware Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')2022

🔍Detection Rules

1
Suricata
ET WEB_SPECIFIC_APPS Tenda HG9 Router Command Injection Attempt (CVE-2022-30023)2024-11-07

🕵️Threat Intelligence

1
Unit42
IoT Under Siege: The Anatomy of the Latest Mirai Campaign Leveraging Multiple IoT Exploits2023-06-22
CVE-2022-30023 (HIGH CVSS 8.8) | Tenda ONT GPON AC1200 Dual band WiF | cvebase.io