CVE-2019-5072

CVE-2019-5072

An exploitable command injection vulnerability exists in the /goform/WanParameterSetting functionality of Tenda AC9 Router AC1200 Smart Dual-Band Gigabit WiFi Route (AC9V1.0 Firmware V15.03.05.16multiTRU). A specially crafted HTTP POST request can cause a command injection in the DNS2 post parameters, resulting in code execution. An attacker can send HTTP POST request with command to trigger this vulnerability.

Source: CVE-2019-5072

답글 남기기

이메일 주소는 공개되지 않습니다. 필수 필드는 *로 표시됩니다