CVE-2024-10697 | Tenda AC6 15.03.05.19 API Endpoint /goform/WriteFacMac formWriteFacMac The command injection

Posted by Angelo Barbosa | Nov 1, 2024 | CVE

A vulnerability has been found in Tenda AC6 15.03.05.19 and classified as critical. Affected by this vulnerability is the function formWriteFacMac of the file /goform/WriteFacMac of the component API Endpoint. The manipulation of the argument The leads to command injection.

This vulnerability is known as CVE-2024-10697. The attack can be launched remotely. Furthermore, there is an exploit available.

CVE-2024-10697 | Tenda AC6 15.03.05.19 API Endpoint /goform/WriteFacMac formWriteFacMac The command injection

Related Posts

CVE-2024-6763 | Eclipse Jetty up to 12.0.11 URL Parser improper validation of syntactic correctness of input (ID 25)

CVE-2023-6422 | BigProf Online Clinic Management System 2.2 patients_view.php FirstRecord cross site scripting

CVE-2024-0669 | Plone CMS 6.0.5 URL cross site scripting

CVE-2024-49760 | OpenRefine up to 3.8.2 translations-$LANG.json LANG path traversal (GHSA-qfwq-6jh6-8xx4)