GCVE - cpe:2.3:a:tecno:4g_portable_wifi_tr118:*:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:tecno:4g_portable_wifi_tr118:*:*:*:*:*:*:*:*

part: a version: * update: *

Vendor	Tecno (`6b746d30-5c53-51a4-a61c-914cbfe53e0e`)
Product	4G Portable Wifi Tr118 (`347a58ca-2c64-5567-ad78-85d146321671`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2024-10195`	vulnerable	2026-06-03 14:54:05.103547	Tecno 4G Portable WiFi TR118 SMS Check goform_get_cmd_process sql injection MEDIUM (4.7) A vulnerability was found in Tecno 4G Portable WiFi TR118 V008-20220830. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /goform/goform_get_cmd_process of the component SMS Check. The manipulation of the argument order_by leads to sql injection. The attack can be launched remotely. The vendor was contacted early about this disclosure but did not respond in any way. Published: 2024-10-20T08:31:03.986Z Updated: 2024-10-21T19:28:34.492Z Open on db.gcve.eu Reference links https://vuldb.com/?id.280969 https://vuldb.com/?ctiid.280969 https://vuldb.com/?submit.422994 https://asciinema.org/a/2mwkmDqRZfeAYTu5hHre1r4QB	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2023-6304`	vulnerable	2026-06-03 14:53:51.428692	Tecno 4G Portable WiFi TR118 Ping Tool goform_get_cmd_process os command injection HIGH (7.2) A vulnerability was found in Tecno 4G Portable WiFi TR118 TR118-M30E-RR-D-EnFrArSwHaPo-OP-V008-20220830. It has been declared as critical. This vulnerability affects unknown code of the file /goform/goform_get_cmd_process of the component Ping Tool. The manipulation of the argument url leads to os command injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-246130 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. Published: 2023-11-27T00:31:04.537Z Updated: 2024-08-02T08:28:20.813Z Open on db.gcve.eu Reference links https://vuldb.com/?id.246130 https://vuldb.com/?ctiid.246130 https://drive.google.com/file/d/1DUSlAxTbNLBdv1aLUAn-tDMu6Z1rHYH8/view	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.