CVE-2023-36103 Information

Description

Command Injection vulnerability in goform/SetIPTVCfg interface of Tenda AC15 V15.03.05.20 allows remote attackers to run arbitrary commands via crafted POST request.

Reference

https://github.com/t0hka1/Tenda-AC15-Exp/blob/master/Tenda%20AC15%20V15.03.05.20%20Exp.md