Tenda AC1206 fromSysToolReboot Function Cross-Site Request Forgery Vulnerability

The AC1206 is a high performance router designed with Gigabit ports for both WAN and LAN ports. Tenda AC1206 firmware version USAC1206V1.0RTLV15.03.06.23multiTD01 suffers from a cross-site request forgery vulnerability, which exists in the fromSysToolReboot function in the /bin/httpd file, and ca...

PT-2022-26245 · Tenda · Tenda Ax1803

Name of the Vulnerable Software and Affected Versions: Tenda AX1803 version US AX1803v2.0br v1.0.0.1 2994 CN ZGYD01 4 Description: The issue is related to Cross Site Request Forgery CSRF and can be exploited via the fromSysToolReboot function. Recommendations: For Tenda AX1803 version US...