TENDA ROUTER AC10 - RCE (full research)
CVE-2024-29197-exploit TENDA ROUTER AC10 - RCE (full research) Vulnerability description: I found an Arbitrary Command Execution vulnerability in the router's web server-- /bin/httpd of squashfs filesystem While processing the mac parameters for a post request(when an attacker accesses ip/goform/WriteFacMac), the value is directly passed to doSystem, which causes a RCE T