3 matches found
CVE-2019-5072
creationtimestamp| type| source ---|---|--- 2024-02-26 11:41:05+00:00| seen| https://t.me/ctinow/193265...
CVE-2019-5072
The CVE-2019-5072 entry maps to a Tenda AC9 router vulnerability in /goform/WanParameterSetting that enables a local authenticated command-injection leading to code execution (root shell possible) via DNS2 post parameters. Talos reports CVSS 3.0/7.8 and confirms affected versions AC9V1.0 firmware...
Tenda AC9 /goform/WanParameterSetting Command Injection Vulnerability
Summary An exploitable command injection vulnerability exists in the /goform/WanParameterSetting functionality of Tenda AC9 Router AC1200 Smart Dual-Band Gigabit WiFi Route AC9V1.0 Firmware V15.03.05.16multiTRU. A specially crafted HTTP POST request can cause a command injection, resulting in cod...