Vulnerability Details CVE-2020-28095
On Tenda AC1200 (Model AC6) 15.03.06.51_multi devices, a large HTTP POST request sent to the change password API will trigger the router to crash and enter an infinite boot loop.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 52.6%
CVSS Severity
CVSS v3 Score 7.5
CVSS v2 Score 7.8
References
Products affected by CVE-2020-28095
-
cpe:2.3:h:tenda:ac6:2.0
-
cpe:2.3:o:tenda:ac6_firmware:15.03.06.51