CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2021-45990

Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contain a command injection vulnerability in the function uploadPicture. This vulnerability allows attackers to execute arbitrary commands via the pic_name parameter.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.021

EPSS Ranking 83.5%

CVSS Severity

CVSS v3 Score 9.8

CVSS v2 Score 7.5

References

https://github.com/pjqwudi/my_vuln/blob/main/Tenda/vuln_1/1.md
https://www.tenable.com/cve/CVE-2021-45990
https://github.com/pjqwudi/my_vuln/blob/main/Tenda/vuln_1/1.md

Products affected by CVE-2021-45990

Tendacn » G1 » Version: N/A

cpe:2.3:h:tendacn:g1:-
Tendacn » G3 » Version: N/A

cpe:2.3:h:tendacn:g3:-
Tendacn » G1 Firmware » Version: 15.11.0.17(9502)_cn

cpe:2.3:o:tendacn:g1_firmware:15.11.0.17(9502)_cn
Tendacn » G3 Firmware » Version: 15.11.0.17(9502)_cn

cpe:2.3:o:tendacn:g3_firmware:15.11.0.17(9502)_cn

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-45990

Products

Pricing

Contact Us