Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
9.8
CVSSv3

CVE-2020-26728

Published: 11/02/2022 Updated: 22/02/2022
CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10
CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9
VMScore: 668
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Subscribe to Ac9 Firmware

Vulnerability Summary

A vulnerability exists in Tenda AC9 v3.0 V15.03.06.42_multi and Tenda AC9 V1.0 V15.03.05.19(6318)_CN which allows for remote code execution via shell metacharacters in the guestuser field to the __fastcall function with a POST request.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

tenda ac9_firmware 15.03.06.42_multi

tenda ac9_firmware 15.03.05.19\\(6318\\)_cn

References

NVD-CWE-noinfohttps://github.com/Lyc-heng/routers/blob/a80b30bccfc9b76f3a4868ff28ad5ce2e0fca180/routers/rce1.mdhttps://github.com/Lyc-heng/Router/blob/main/Tenda/rce1.mdhttps://github.com/Lyc-heng/routers/blob/main/routers/rce1.mdhttps://nvd.nist.gov
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4671unauthorizedCVE-2024-4776CVE-2024-3407CVE-2024-26026CVE-2024-32888wirelessCVE-2024-4656template injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook