Leoservalli

**Name of the Vulnerable Software and Affected Versions** ASKEY router RTF3505VW-N1 version BR SV g000 R3505VMN1001 s32 7 **Description** The issue allows attackers to escalate privileges by running the `tcpdump` command after placing a crafted file in the `/tmp` directory and sending crafted packets through port 80, specifically the "80" API endpoint. **Recommendations** For ASKEY router RTF3505VW-N1 version BR SV g000 R3505VMN1001 s32 7, consider restricting access to the `/tmp` directory and limiting the use of the `tcpdump` command until a patch is available. Additionally, restrict incoming traffic on port 80 to minimize the risk of exploitation.