Published: 23/07/2020 Updated: 21/11/2024

goform/AdvSetLanip endpoint on Tenda AC15 AC1900 15.03.05.19 devices allows remote malicious users to execute arbitrary system commands via shell metacharacters in the lanIp POST parameter.

Vulnerable Product	Search on Vulmon	Subscribe to Product
tenda ac15 firmware 15.03.05.19

This project is a PoC for exploiting CVE-2020-15916, a vulnerability that allows unauthorized changes to the LAN configuration of a device

EN GenLANConfigAttack - is a PoC for exploiting CVE-2020-15916, a vulnerability that allows unauthorized changes to the LAN configuration of a device Features Exploits LAN configuration vulnerability Sends malicious payload to alter network settings Bypasses security mechanisms for gaining control over the LAN How to Use Clone this repository: git clone githubcom/

CWE-78 https://nvd.nist.gov https://github.com/geniuszlyy/CVE-2020-15916 https://www.first.org/epss https://blog.securityevaluators.com/tenda-ac1900-vulnerabilities-discovered-and-exploited-e8e26aa0bc68 https://blog.securityevaluators.com/tenda-ac1900-vulnerabilities-discovered-and-exploited-e8e26aa0bc68

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Product List Vendor List Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2020-15916

Vulnerability Summary

Vulnerability Trend

Github Repositories

References

Vulmon Search

About

Products

Connect