virus logo Intrusion Prevention

Tenda.AC15.AC1900.Authenticated.Remote.Command.Injection

description-logoDescription

This indicates an attack attempt to exploit an Remote Command Injection vulnerability in multiple Tenda AC devices.
The vulnerability is due to insufficient sanitizing of user supplied inputs in the application. An authenticated remote attacker may be able to exploit this to execute arbitrary commands within the context of the application.

affected-products-logoAffected Products

Tenda AC9 AC15 AC1900 with FW v15.03.05.19 and prior
Tenda AC7 with FW v15.03.06.44 and prior
Tenda AC10 with FW v15.03.06.23 and prior

Impact logoImpact

System Compromise: Remote attackers can gain control of vulnerable systems.

recomended-action-logoRecommended Actions

Currently we are unaware of any vendor supplied patch or updates available for this issue.

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)

Version Updates

Date Version Detail
2020-11-18 16.964 Sig Added
2020-09-09 16.920 Sig Added
2020-08-10 15.902 Default_action:pass:drop
2020-07-29 15.897 Sig Added
2020-07-27 15.894

References

https://blog.securityevaluators.com/tenda-ac1900-vulnerabilities-discovered-and-exploited-e8e26aa0bc68
ID 49352
Created Jul 16, 2020
Updated Mar 19, 2024
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon black-background-circle-icon lightgray-background-circle-icon
CVE ID CVE-2021-38003 CVE-2020-10987 CVE-2020-15916 CVE-2018-14558
Known Exploited Yes
Exploit Prediction Score 95.93%
Default Action drop
Active
Affected OS Linux
Affected App Other