CVE-2020-26728
The CVE-2020-26728 entry corresponds to a remote code execution in Tenda AC9 devices (v3.0 V15.03.06.42_multi and v1.0 V15.03.05.19(6318)_CN). The underlying issue is shell metacharacters in the guestuser field used by the __fastcall function via a POST request, enabling an attacker to execute ar...