Amit Raut of Cisco Talos discovered this vulnerability.
Cisco Talos recently discovered a command injection vulnerability in the Tenda AC9 router. The Tenda AC9 is one of the most popular and affordable dual-band gigabit WiFi routers available online, especially on Amazon. A command injection vulnerability exists in the
Cisco Talos is disclosing this vulnerability after Tenda failed to patch it per Cisco’s 90-day deadline. Read more about the Cisco vulnerability disclosure policy here.
Vulnerability details
Tenda AC9 /goform/WanParameterSetting command injection vulnerability (TALOS-2019-0861/CVE-2019-5071, CVE-2019-5072)
An exploitable command injection vulnerability exists in the /goform/WanParameterSetting functionality of Tenda AC9 Router AC1200 Smart Dual-Band Gigabit WiFi Router (AC9V1.0 Firmware V15.03.05.16_multi_TRU). A specially crafted HTTP POST request can cause a command injection, resulting in code execution. An attacker can send a specific HTTP POST request with a command to trigger this vulnerability.
Read the complete vulnerability advisory here for additional information.
Versions tested
Talos tested and confirmed that AC9V1.0 firmware versions 15.03.05.16_multi_TRU and 15.03.05.14_EN are affected by this vulnerability.
Coverage
The following SNORT® rules will detect exploitation attempts. Note that additional rules may be released at a future date and current rules are subject to change pending additional vulnerability information. For the most current rule information, please refer to your Firepower Management Center or Snort.org.
Snort Rules: 50782 - 50785