Details of VAR-202206-0251

ID

VAR-202206-0251

CVE

CVE-2022-30425

TITLE

Shenzhen Tenda Technology Co.,Ltd. of hg6 in the firmware OS Command injection vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2022-010486

DESCRIPTION

Tenda Technology Co.,Ltd HG6 3.3.0-210926 was discovered to contain a command injection vulnerability via the pingAddr and traceAddr parameters. This vulnerability is exploited via a crafted POST request. Shenzhen Tenda Technology Co.,Ltd. of hg6 The firmware has OS A command injection vulnerability exists.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. An attacker could exploit this vulnerability to cause arbitrary command execution. HG6 provides 4 LAN ports(1*GE,3*FE),a voice port to meet users' requirements for enjoying the Internet,HD IPTV and VoIP multi-service applications.The application suffers from an authenticated OS command injectionvulnerability. This can be exploited to inject and execute arbitraryshell commands through the 'pingAddr' and 'traceAddr' HTTP POST parametersin formPing, formPing6, formTracert and formTracert6 interfaces.Tested on: Boa/0.93.15

Trust: 2.34

sources: NVD: CVE-2022-30425 // JVNDB: JVNDB-2022-010486 // CNVD: CNVD-2022-46164 // ZSL: ZSL-2022-5706 // VULMON: CVE-2022-30425

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2022-46164

AFFECTED PRODUCTS

vendor:	tenda	model:	hg6	scope:	eq	version:	3.3.0-210926	Trust: 1.6
vendor:	tenda	model:	hg6	scope:	-	version:	-	Trust: 0.8
vendor:	tenda	model:	hg6	scope:	eq	version:	-	Trust: 0.8
vendor:	tenda	model:	hg6	scope:	eq	version:	hg6 firmware 3.3.0-210926	Trust: 0.8
vendor:	tenda	model:	hg6 v	scope:	eq	version:	firmware version: 3.3.0-210926	Trust: 0.1
vendor:	tenda	model:	hg6 v	scope:	eq	version:	software version: v1.1.0	Trust: 0.1
vendor:	tenda	model:	hg6 v	scope:	eq	version:	hardware version: v1.0	Trust: 0.1
vendor:	tenda	model:	hg6 v	scope:	eq	version:	check version: td_hg6_xpon_tde_isp	Trust: 0.1

sources: ZSL: ZSL-2022-5706 // CNVD: CNVD-2022-46164 // JVNDB: JVNDB-2022-010486 // NVD: CVE-2022-30425

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2022-30425
value:	HIGH
Trust: 1.0
NVD:	CVE-2022-30425
value:	HIGH
Trust: 0.8
CNVD:	CNVD-2022-46164
value:	HIGH
Trust: 0.6
CNNVD:	CNNVD-202206-249
value:	HIGH
Trust: 0.6
ZSL:	ZSL-2022-5706
value:	(4/5)
Trust: 0.1

nvd@nist.gov:	CVE-2022-30425
severity:	HIGH
baseScore:	9.0
vectorString:	AV:N/AC:L/AU:S/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	SINGLE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	8.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
CNVD:	CNVD-2022-46164
severity:	HIGH
baseScore:	9.0
vectorString:	AV:N/AC:L/AU:S/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	SINGLE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	8.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6

nvd@nist.gov:	CVE-2022-30425
baseSeverity:	HIGH
baseScore:	8.8
vectorString:	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	2.8
impactScore:	5.9
version:	3.1
Trust: 1.0
NVD:	CVE-2022-30425
baseSeverity:	HIGH
baseScore:	8.8
vectorString:	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: ZSL: ZSL-2022-5706 // CNVD: CNVD-2022-46164 // JVNDB: JVNDB-2022-010486 // CNNVD: CNNVD-202206-249 // NVD: CVE-2022-30425

PROBLEMTYPE DATA

problemtype:	CWE-78	Trust: 1.0
problemtype:	OS Command injection (CWE-78) [NVD evaluation ]	Trust: 0.8

sources: JVNDB: JVNDB-2022-010486 // NVD: CVE-2022-30425

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202206-249

TYPE

operating system commend injection

Trust: 0.6

sources: CNNVD: CNNVD-202206-249

EXPLOIT AVAILABILITY

sources: ZSL: ZSL-2022-5706

PATCH

title:	Patch for Tenda HG6 Command Injection Vulnerability	url:	https://www.cnvd.org.cn/patchInfo/show/336476	Trust: 0.6
title:	Tenda HG6 Fixes for operating system command injection vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=195732	Trust: 0.6

sources: CNVD: CNVD-2022-46164 // CNNVD: CNNVD-202206-249

EXTERNAL IDS

db:	NVD	id:	CVE-2022-30425	Trust: 4.0
db:	ZSL	id:	ZSL-2022-5706	Trust: 3.3
db:	JVNDB	id:	JVNDB-2022-010486	Trust: 0.8
db:	CNVD	id:	CNVD-2022-46164	Trust: 0.6
db:	CNNVD	id:	CNNVD-202206-249	Trust: 0.6
db:	PACKETSTORM	id:	166932	Trust: 0.1
db:	CXSECURITY	id:	WLB-2022050009	Trust: 0.1
db:	EXPLOIT-DB	id:	50916	Trust: 0.1
db:	VULMON	id:	CVE-2022-30425	Trust: 0.1

sources: ZSL: ZSL-2022-5706 // CNVD: CNVD-2022-46164 // VULMON: CVE-2022-30425 // JVNDB: JVNDB-2022-010486 // CNNVD: CNNVD-202206-249 // NVD: CVE-2022-30425

REFERENCES

url:	https://www.zeroscience.mk/en/vulnerabilities/zsl-2022-5706.php	Trust: 3.1
url:	https://www.tendacn.com/	Trust: 2.5
url:	https://www.tendacn.com/product/hg6.html	Trust: 2.5
url:	https://nvd.nist.gov/vuln/detail/cve-2022-30425	Trust: 0.9
url:	https://cxsecurity.com/cveshow/cve-2022-30425/	Trust: 0.6
url:	https://packetstormsecurity.com/files/166932/tenda-hg6-3.3.0-remote-command-injection.html	Trust: 0.1
url:	https://cxsecurity.com/issue/wlb-2022050009	Trust: 0.1
url:	https://exchange.xforce.ibmcloud.com/vulnerabilities/225715	Trust: 0.1
url:	https://sploitus.com/exploit?id=zsl-2022-5706	Trust: 0.1
url:	https://www.exploit-db.com/exploits/50916	Trust: 0.1
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2022-30425	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1

sources: ZSL: ZSL-2022-5706 // CNVD: CNVD-2022-46164 // VULMON: CVE-2022-30425 // JVNDB: JVNDB-2022-010486 // CNNVD: CNNVD-202206-249 // NVD: CVE-2022-30425

CREDITS

Vulnerability discovered by Gjoko Krstic

Trust: 0.1

sources: ZSL: ZSL-2022-5706

SOURCES

db:	ZSL	id:	ZSL-2022-5706
db:	CNVD	id:	CNVD-2022-46164
db:	VULMON	id:	CVE-2022-30425
db:	JVNDB	id:	JVNDB-2022-010486
db:	CNNVD	id:	CNNVD-202206-249
db:	NVD	id:	CVE-2022-30425

LAST UPDATE DATE

2024-11-23T21:58:20.164000+00:00

SOURCES UPDATE DATE

db:	ZSL	id:	ZSL-2022-5706	date:	2022-05-29T00:00:00
db:	CNVD	id:	CNVD-2022-46164	date:	2022-06-17T00:00:00
db:	VULMON	id:	CVE-2022-30425	date:	2022-06-02T00:00:00
db:	JVNDB	id:	JVNDB-2022-010486	date:	2023-08-15T08:10:00
db:	CNNVD	id:	CNNVD-202206-249	date:	2022-06-13T00:00:00
db:	NVD	id:	CVE-2022-30425	date:	2024-11-21T07:02:44.893

SOURCES RELEASE DATE

db:	ZSL	id:	ZSL-2022-5706	date:	2022-05-03T00:00:00
db:	CNVD	id:	CNVD-2022-46164	date:	2022-06-17T00:00:00
db:	VULMON	id:	CVE-2022-30425	date:	2022-06-02T00:00:00
db:	JVNDB	id:	JVNDB-2022-010486	date:	2023-08-15T00:00:00
db:	CNNVD	id:	CNNVD-202206-249	date:	2022-06-02T00:00:00
db:	NVD	id:	CVE-2022-30425	date:	2022-06-02T14:15:52.903