CVE-2022-35555 Information

Description

A command injection vulnerability exists in /goform/exeCommand in Tenda W6 V1.0.0.9(4122) which allows attackers to construct cmdinput parameters for arbitrary command execution.

Reference

https://github.com/ilovekeer/IOT/blob/main/Tenda/W6/Injection/exeCommand/README.md