Invia #434934: Tenda AC6 V15.03.05.19 Command Injectioninformazioni

TitoloTenda AC6 V15.03.05.19 Command Injection
DescrizioneThe parameter mac in the function formWriteFacMac is concatenated and causes the execution of a system command. the front-end is calling an API endpoint named WriteFacMac, which is likely a GET request that sends a MAC address to the server.
Fonte⚠️ https://github.com/theRaz0r/iot-mycve/blob/main/tenda_ac6_rce_WriteFacMac/tenda_ac6_rce_WriteFacMac.md
Utente
 theRaz0r (UID 76937)
Sottomissione31/10/2024 12:47 (2 anni fa)
Moderazione01/11/2024 18:01 (1 day later)
StatoAccettato
Voce VulDB282865 [Tenda AC6 15.03.05.19 API Endpoint /goform/WriteFacMac formWriteFacMac mac escalationi di privilegi]
Punti16

Interested in the pricing of exploits?

See the underground prices here!