CVE-2024-2851
CVE-2024-2851 affects Tenda AC15 (versions 15.03.05.18 – 15.03.20 multi). The vulnerability is in the formSetSambaConf function at /goform/setsambacfg, where the usbName parameter is not properly sanitized, allowing OS command injection. It can be triggered remotely and the exploit has been discl...