Multiple Tenda devices are affected by authentication bypass, such as AC15V1.0 Firmware V15.03.05.20_multi?AC5V1.0 Firmware V15.03.06.48_multi and so on. an attacker can obtain sensitive information, and even combine it with authenticated command injection to implement RCE.
References
Link | Resource |
---|---|
http://tenda.com | Vendor Advisory |
https://github.com/21Gun5/my_cve/blob/main/tenda/bypass_auth.md | Broken Link |
http://ac15v10.com | Broken Link |
Information
Published : 2022-01-28 11:15
Updated : 2022-07-12 10:42
NVD link : CVE-2021-44971
Mitre link : CVE-2021-44971
JSON object : View
CWE
CWE-697
Incorrect Comparison
Products Affected
tenda
- ac5
- ac15_firmware
- ac15
- ac5_firmware