| शीर्षक | Tenda AC6 V15.03.05.19 Command Injection |
|---|
| विवरण | The parameter mac in the function formWriteFacMac is concatenated and causes the execution of a system command. the front-end is calling an API endpoint named WriteFacMac, which is likely a GET request that sends a MAC address to the server. |
|---|
| स्रोत | ⚠️ https://github.com/theRaz0r/iot-mycve/blob/main/tenda_ac6_rce_WriteFacMac/tenda_ac6_rce_WriteFacMac.md |
|---|
| उपयोगकर्ता | theRaz0r (UID 76937) |
|---|
| सबमिशन | 31/10/2024 12:47 PM (1 वर्ष पहले) |
|---|
| संयम | 01/11/2024 06:01 PM (1 day later) |
|---|
| स्थिति | स्वीकृत |
|---|
| VulDB प्रविष्टि | 282865 [Tenda AC6 15.03.05.19 API Endpoint /goform/WriteFacMac formWriteFacMac mac अधिकार वृद्धि] |
|---|
| अंक | 16 |
|---|