CVE-2024-32282 β€” Command Injection in Fh1202 Firmware

CWE-77 β€” Command Injection3 documents3 sources
Severity
6.3MEDIUMNVD
EPSS
0.5%
top 36.28%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Tenda Fh1202 Firmware
Timeline
PublishedApr 17

Description

Tenda FH1202 v1.2.0.14(408) firmware contains a command injection vulnerablility in the formexeCommand function via the cmdinput parameter.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:LExploitability: 2.8 | Impact: 3.4

Affected Packages1 packages

β–ΆNVDtenda/fh1202_firmware1.2.0.14\(408\)

πŸ”΄Vulnerability Details

2
CVEList
CVE-2024-32282: Tenda FH1202 v1β†—2024-04-17
β–Ά
GHSA
GHSA-xc5w-vhpx-cwfr: Tenda FH1202 v1β†—2024-04-17
β–Ά
CVE-2024-32282 β€” Command Injection in Tenda | cvebase