CVE-2022-34595

CRITICAL

Tenda AX1803 v1.0.0.1_2890 - OS Command Injection via setipv6status Function

Title source: llm

Tenda AX1803 v1.0.0.1_2890 was discovered to contain a command injection vulnerability via the function setipv6status.

Core 1

Core References

Exploit, Third Party Advisory x_refsource_misc

CVSS v3 9.8

EPSS 0.1786

EPSS Percentile 95.2%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE

CWE-78

Status published

Products (1)

tenda/ax1803_firmware 1.0.0.1_2890

Published Jul 06, 2022

Tracked Since Feb 18, 2026