CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2020-10987

The goform/setUsbUnload endpoint of Tenda AC15 AC1900 version 15.03.05.19 allows remote attackers to execute arbitrary system commands via the deviceName POST parameter.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.902

EPSS Ranking 99.5%

CVSS Severity

CVSS v3 Score 9.8

CVSS v2 Score 10.0

Proposed Action

Tenda AC1900 Router AC15 Model contains an unspecified vulnerability that allows remote attackers to execute system commands via the deviceName POST parameter.

Ransomware Campaign

Unknown

References

https://blog.securityevaluators.com/tenda-ac1900-vulnerabilities-discovered-and-exploited-e8e26aa0bc68
https://www.ise.io/research/
https://blog.securityevaluators.com/tenda-ac1900-vulnerabilities-discovered-and-exploited-e8e26aa0bc68
https://www.ise.io/research/

Products affected by CVE-2020-10987

Tenda » Ac15 » Version: N/A

cpe:2.3:h:tenda:ac15:-
Tenda » Ac15 Firmware » Version: 15.03.05.19

cpe:2.3:o:tenda:ac15_firmware:15.03.05.19

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-10987

Products

Pricing

Contact Us