A security audit of a $5 Temu WiFi extender reveals serious vulnerabilities, including a complete lack of input sanitization that allows remote code execution. Using `$(reboot)` as a WiFi password causes an infinite reboot loop, exposing the device's shell injection flaw. Firmware dumped via the Breed web recovery console was
Sort: