CVE-2019-16213

Tenda PA6 Wi-Fi Powerline extender 1.0.1.21 could allow a remote authenticated attacker to execute arbitrary commands on the system. By sending a specially crafted string, an attacker could modify the device name of an attached PLC adapter to inject and execute arbitrary commands on the system with root privileges.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:tendacn:pa6_firmware:1.0.1.21:*:*:*:*:*:*:*
cpe:2.3:h:tendacn:pa6:-:*:*:*:*:*:*:*

Information

Published : 2020-06-25 13:15

Updated : 2020-07-01 13:59


NVD link : CVE-2019-16213

Mitre link : CVE-2019-16213


JSON object : View

CWE
CWE-78

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

Advertisement

dedicated server usa

Products Affected

tendacn

  • pa6_firmware
  • pa6