Blog | G5 Cyber Security

Vulnerability Spotlight: Tenda AC9 /goform/WanParameterSetting command injection vulnerability

The Tenda AC9 is one of the most popular and affordable dual-band gigabit WiFi routers available online. A command injection vulnerability exists in the `/goform/WanParamSetting` resource. A specially crafted HTTP POST request can cause a command injection, resulting in code execution. An attacker can use this command injection to obtain a reverse shell running as root. Tenda failed to patch it within Cisco's 90-day deadline. The following SNORT rules will detect exploitation attempts.
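As an added illustration (not the SNORT rules mentioned above, and not code from Talos or Tenda), here is a log-triage heuristic that flags POST requests to this handler whose form values contain shell metacharacters. The field names, host and sample requests are constructed assumptions, and both spellings of the resource path that appear on this page are matched.

```python
# Added example: field names and sample requests below are constructed.
import re
from urllib.parse import unquote_plus, urlsplit

# Both spellings of the resource appear on this page; match either.
TARGET_PATHS = {"/goform/WanParameterSetting", "/goform/WanParamSetting"}

# Characters a shell treats as command separators, redirection or substitution.
SHELL_META = re.compile(r"[;&|`\n\r<>]|\$\(|\$\{")


def parse_request(raw: bytes):
    """Split a raw HTTP/1.x request into (method, path, body)."""
    head, _, body = raw.partition(b"\r\n\r\n")
    parts = head.split(b"\r\n", 1)[0].decode("latin-1").split(" ")
    if len(parts) != 3:
        raise ValueError("malformed request line")
    method, target, _version = parts
    return method.upper(), urlsplit(target).path, body.decode("latin-1")


def suspicious_fields(raw: bytes):
    """Return sorted names of form fields whose decoded value contains shell
    metacharacters; [] if the request is not a POST to the handler."""
    method, path, body = parse_request(raw)
    if method != "POST" or path not in TARGET_PATHS:
        return []
    hits = set()
    for pair in body.split("&"):
        name, _, value = pair.partition("=")
        # Decode first so %3B, %0A and similar encodings are also caught.
        if SHELL_META.search(unquote_plus(value)):
            hits.add(unquote_plus(name))
    return sorted(hits)


HEADERS = (b"Host: router.example\r\n"
           b"Content-Type: application/x-www-form-urlencoded\r\n\r\n")
BENIGN = (b"POST /goform/WanParameterSetting HTTP/1.1\r\n" + HEADERS
          + b"field_a=192.0.2.1&field_b=255.255.255.0")
FLAGGED = (b"POST /goform/WanParameterSetting HTTP/1.1\r\n" + HEADERS
           + b"field_a=192.0.2.1%3Bid&field_b=255.255.255.0")
OTHER = b"POST /goform/Other HTTP/1.1\r\n" + HEADERS + b"field_a=1%3Bid"

if __name__ == "__main__":
    for label, req in (("benign", BENIGN), ("flagged", FLAGGED), ("other", OTHER)):
        print(label, suspicious_fields(req))
```

Legitimate values can contain some of these characters, so treat a hit as a lead for triage rather than a verdict.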

Source: https://blog.talosintelligence.com/2019/11/vulnerability-spotlight-tenda-ac9-command-nov-2019.html
