CVE-2022-30023
HIGH EXPLOITED IN THE WILDTenda Hg9 Firmware - OS Command Injection
Title source: ruleDescription
Tenda ONT GPON AC1200 Dual band WiFi HG9 v1.0.1 is vulnerable to Command Injection via the Ping function.
Exploits (1)
nomisec
WORKING POC
8 stars
by Haniwa0x01 · remote-auth
https://github.com/Haniwa0x01/CVE-2022-30023
Scores
CVSS v3
8.8
EPSS
0.2991
EPSS Percentile
96.7%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Details
VulnCheck KEV
2022-12-21
InTheWild.io
2022-12-21
CWE
CWE-78
Status
published
Products (1)
tenda/hg9_firmware
1.0.1
Published
Jun 16, 2022
Tracked Since
Feb 18, 2026