CVE-2020-28095

On Tenda AC1200 (Model AC6) 15.03.06.51_multi devices, a large HTTP POST request sent to the change password API will trigger the router to crash and enter an infinite boot loop.
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:tenda:ac1200_firmware:15.03.06.51_multi:*:*:*:*:*:*:*
cpe:2.3:h:tenda:ac1200:ac6:*:*:*:*:*:*:*

History

21 Nov 2024, 05:22

Type Values Removed Values Added
References () https://github.com/cecada/Tenda-AC6-Root-Acces/blob/main/README.md - Exploit, Third Party Advisory () https://github.com/cecada/Tenda-AC6-Root-Acces/blob/main/README.md - Exploit, Third Party Advisory

Information

Published : 2020-12-30 21:15

Updated : 2024-11-21 05:22


NVD link : CVE-2020-28095

Mitre link : CVE-2020-28095

CVE.ORG link : CVE-2020-28095


JSON object : View

Products Affected

tenda

  • ac1200_firmware
  • ac1200
CWE
CWE-835

Loop with Unreachable Exit Condition ('Infinite Loop')