An issue exists on Tenda AC15 devices. A remote, unauthenticated attacker can make a request to /goform/telnet, creating a telnetd service on the device. This service is password protected; however, several default accounts exist on the device that are root accounts, which can be used to log in.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
tendacn ac15_firmware - |