CVE-2020-24987

Tenda AC18 Router through V15.03.05.05_EN and through V15.03.05.19(6318) CN devices could cause a remote code execution due to incorrect authentication handling of vulnerable logincheck() function in /usr/lib/lua/ngx_authserver/ngx_wdas.lua file if the administrator UI Interface is set to "radius".
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:tendacn:ac18_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:tendacn:ac18:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:tendacn:ac18_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:tendacn:ac18:-:*:*:*:*:*:*:*

Information

Published : 2020-09-04 13:15

Updated : 2022-11-07 05:39


NVD link : CVE-2020-24987

Mitre link : CVE-2020-24987


JSON object : View

CWE
CWE-287

Improper Authentication

Advertisement

dedicated server usa

Products Affected

tendacn

  • ac18
  • ac18_firmware