cve/2024/CVE-2024-28545.md

CVE-2024-28545

Description

Tenda AC18 V15.03.05.05 contains a command injection vulnerablility in the deviceName parameter of formsetUsbUnload function.

POC

Reference

• https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/AC18/setUsbUnload.md

Github

• https://github.com/LaPhilosophie/IoT-vulnerable