Multiple Tenda devices are affected by authentication bypass, such as AC15V1.0 Firmware V15.03.05.20_multi?AC5V1.0 Firmware V15.03.06.48_multi and so on. an attacker can obtain sensitive information, and even combine it with authenticated command injection to implement RCE.
References
Link | Resource |
---|---|
http://ac15v10.com | Broken Link URL Repurposed |
http://tenda.com | Vendor Advisory |
https://github.com/21Gun5/my_cve/blob/main/tenda/bypass_auth.md | Broken Link |
Configurations
History
14 Feb 2024, 01:17
Type | Values Removed | Values Added |
---|---|---|
References | (MISC) http://ac15v10.comĀ - Broken Link, URL Repurposed |
Information
Published : 2022-01-28 19:15
Updated : 2024-02-28 18:48
NVD link : CVE-2021-44971
Mitre link : CVE-2021-44971
CVE.ORG link : CVE-2021-44971
JSON object : View
Products Affected
tenda
- ac15_firmware
- ac5_firmware
- ac15
- ac5
CWE
CWE-697
Incorrect Comparison