AI Score
Confidence
Low
EPSS
Percentile
47.4%
SSVC
Exploitation
none
Automatable
no
Technical Impact
total
Command Injection vulnerability in goform/SetIPTVCfg interface of Tenda AC15 V15.03.05.20 allows remote attackers to run arbitrary commands via crafted POST request.
[
{
"cpes": [
"cpe:2.3:o:tenda:ac15_firmware:15.03.05.20:*:*:*:*:*:*:*"
],
"vendor": "tenda",
"product": "ac15_firmware",
"versions": [
{
"status": "affected",
"version": "15.03.05.20"
}
],
"defaultStatus": "unknown"
}
]