Tenda F1202 v1.2.0.20(408) has a command injection vulnerablility in the formWriteFacMac function in the mac parameter.
[
{
"cpes": [
"cpe:2.3:o:tenda:f1202_firmware:1.2.0.20\\(408\\):*:*:*:*:*:*:*"
],
"vendor": "tenda",
"product": "f1202_firmware",
"versions": [
{
"status": "affected",
"version": "1.2.0.20\\(408\\)"
}
],
"defaultStatus": "unknown"
}
]