The vulnerability of the formSetSambaConf() function (/goform/setsambacfg) in the Tenda AC18 router microprogramming software allows a attacker to execute arbitrary commands.
The vulnerability of the formSetSambaConf function /goform/setsambacfg of the Tenda AC18 router microprogramming system is related to the failure to take measures to neutralize special elements used in the OS command when processing the parameter usbName. Exploiting this vulnerability allows a...