Cisco Talos recently discovered a command injection vulnerability in the Tenda AC9 router. The Tenda AC9 is one of the most popular and affordable dual-band gigabit WiFi Router available online, especially on Amazon. A command injection vulnerability exists in the `/goform/WanParameterSetting` resource. A locally authenticated attacker can execute arbitrary commands to post parameters to execute commands on the router. The attacker can get reverse shell running as root using this command injection.
