Total
2 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2020-22079 | 1 Tendacn | 4 Ac10u, Ac10u Firmware, Ac9 and 1 more | 2022-10-26 | 7.5 HIGH | 9.8 CRITICAL |
Stack-based buffer overflow in Tenda AC-10U AC1200 Router US_AC10UV1.0RTL_V15.03.06.48_multi_TDE01 allows remote attackers to execute arbitrary code via the timeZone parameter to goform/SetSysTimeCfg. | |||||
CVE-2021-45401 | 1 Tendacn | 2 Ac10u, Ac10u Firmware | 2022-02-28 | 7.5 HIGH | 9.8 CRITICAL |
A Command injection vulnerability exists in Tenda AC10U AC1200 Smart Dual-band Wireless Router AC10U V1.0 Firmware V15.03.06.49_multi via the setUsbUnload functionality. The vulnerability is caused because the client controlled "deviceName" value is passed directly to the "doSystemCmd" function. |