3 matches found
CVE-2024-2707
A vulnerability has been found in Tenda AC10U 15.03.06.49 and classified as critical. This vulnerability affects the function formWriteFacMac of the file /goform/WriteFacMac. The manipulation of the argument mac leads to os command injection. The attack can be initiated remotely. The exploit has...
CVE-2024-2707 Tenda AC10U WriteFacMac formWriteFacMac os command injection
A vulnerability has been found in Tenda AC10U 15.03.06.49 and classified as critical. This vulnerability affects the function formWriteFacMac of the file /goform/WriteFacMac. The manipulation of the argument mac leads to os command injection. The attack can be initiated remotely. The exploit has...
CVE-2024-2707
The CVE-2024-2707 entry concerns Tenda AC10U (firmware 15.03.06.49). The root cause is improper sanitization in the mac parameter of the /goform/WriteFacMac endpoint (function formWriteFacMac), enabling remote OS command injection. Impact is high: attackers can execute arbitrary commands on affec...