| 제목 | Tenda AC9 V1.0 V15.03.02.13 Command Injection |
|---|
| 설명 | The Tenda AC9 V1.0 V15.03.02.13 firmware has a command injection vulnerability in the formSetIptv function. The Var variable receives the list parameter from a POST request and is later passed to the sub_B0060 function. |
|---|
| 원천 | ⚠️ https://candle-throne-f75.notion.site/Tenda-AC9-formSetIptv-209df0aa11858061ae2bcbf83918d034 |
|---|
| 사용자 | ysnysn (UID 86181) |
|---|
| 제출 | 2025. 06. 06. AM 10:43 (1 년도 ago) |
|---|
| 모더레이션 | 2025. 06. 06. PM 10:12 (11 hours later) |
|---|
| 상태 | 수락 |
|---|
| VulDB 항목 | 311579 [Tenda AC9 15.03.02.13 POST Request /goform/SetIPTVCfg formSetIptv list 권한 상승] |
|---|
| 포인트들 | 14 |
|---|