Yanbushuang

**Name of the Vulnerable Software and Affected Versions** Tenda AC5 router version V15.03.06.28 **Description** The issue is related to insufficient input validation in the Tenda AC5 router's firmware, which can be exploited by a remote attacker to execute arbitrary code using the `Mac` parameter at the "ip/goform/WriteFacMac" endpoint. **Recommendations** For Tenda AC5 router version V15.03.06.28, consider restricting access to the "ip/goform/WriteFacMac" endpoint to minimize the risk of exploitation. Avoid using the `Mac` parameter in the affected endpoint until the issue is resolved.