Lucene search
K

8 matches found

CNVD
CNVD
added 2020/07/14 12:0 a.m.2 views

Tenda AC15 AC1900 Remote Code Execution Vulnerability

Tenda AC15 AC1900 is a wireless router from Tenda, a Chinese company. A remote code execution vulnerability exists in the goform/setUsbUnload endpoint in the Tenda AC15 AC1900 version 15.03.05.19, which can be exploited to execute arbitrary system commands via the deviceName POST parameter...

10CVSS9.9AI score0.79673EPSS
Exploits2References1
CNVD
CNVD
added 2020/07/14 12:0 a.m.2 views

Tenda AC15 AC1900 Cross-Site Scripting Vulnerability

Tenda AC15 AC1900 is a wireless router from Tenda, a Chinese company. A cross-site scripting vulnerability exists in the /goform/WifiBasicSet endpoint in the Tenda AC15 AC1900 version 15.03.05.19, which can be exploited by remote attackers to execute JavaScript via the WifiName POST parameter...

6.1CVSS6.7AI score0.00856EPSS
Exploits1References1
OSV
OSV
added 2020/07/13 7:15 p.m.4 views

CVE-2020-10987

The goform/setUsbUnload endpoint of Tenda AC15 AC1900 version 15.03.05.19 allows remote attackers to execute arbitrary system commands via the deviceName POST parameter...

9.8CVSS7.9AI score0.79673EPSS
Exploits2References3
Prion
Prion
added 2020/07/13 7:15 p.m.17 views

Design/Logic Flaw

The goform/setUsbUnload endpoint of Tenda AC15 AC1900 version 15.03.05.19 allows remote attackers to execute arbitrary system commands via the deviceName POST parameter...

10CVSS9.8AI score0.79673EPSS
Exploits2References2Affected Software1
Cvelist
Cvelist
added 2020/07/13 6:4 p.m.15 views

CVE-2020-10989

An XSS issue in the /goform/WifiBasicSet endpoint of Tenda AC15 AC1900 version 15.03.05.19 allows remote attackers to execute malicious payloads via the WifiName POST parameter...

6.3AI score0.00856EPSS
Exploits1References2
CVE
CVE
added 2020/07/13 6:4 p.m.49 views

CVE-2020-10989

CVE-2020-10989 refers to a Cross-Site Scripting vulnerability in the Tenda AC15 AC1900 router (firmware version 15.03.05.19). The XSS is triggered via the /goform/WifiBasicSet endpoint through the WifiName POST parameter. Affected component appears to be the web UI handling WifiName input; root c...

6.1CVSS6.2AI score0.00856EPSS
Exploits1References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2020/07/13 12:0 a.m.32 views

CVE-2020-10987

The goform/setUsbUnload endpoint of Tenda AC15 AC1900 version 15.03.05.19 allows remote attackers to execute arbitrary system commands via the deviceName POST parameter. Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value: 0Assessed Attacker Value: 0...

10CVSS9.5AI score0.79673EPSS
In wildExploits2References4
Positive Technologies
Positive Technologies
added 2020/07/13 12:0 a.m.2 views

PT-2020-4297 · Tenda · Tenda Ac15 Ac1900

Name of the Vulnerable Software and Affected Versions: Tenda AC15 AC1900 version 15.03.05.19 Description: The issue is related to insufficient neutralization of special elements, allowing remote attackers to execute arbitrary system commands. This can be achieved via the "deviceName" POST paramet...

10CVSS9.2AI score0.79673EPSS
Exploits2References8
Rows per page
Query Builder