Proof of concept for the command injection vulnerability affecting the ZTE MF286R router, including an RCE exploit.
CVE-2022-39073 Firmware details: wa_inner_version: BD_POSTEMF286RMODULEV100B12 cr_version: CR_ITPOSTEMF286RV100B10 Prerequisites requests (pip install requests) Command Injection The vulnerability is a shared command injection between the zte_net_link_detect binary and the WATCH_DOG_SWITCH handler in the webserver goahead binary No