VYPR

AC15 AC1900

by Tenda

CVEs (2)

  • CVE-2020-10989Jul 13, 2020
    risk 0.00cvss epss 0.01

    An XSS issue in the /goform/WifiBasicSet endpoint of Tenda AC15 AC1900 version 15.03.05.19 allows remote attackers to execute malicious payloads via the WifiName POST parameter.

  • CVE-2020-10986Jul 13, 2020
    risk 0.00cvss epss 0.01

    A CSRF issue in the /goform/SysToolReboot endpoint of Tenda AC15 AC1900 version 15.03.05.19 allows remote attackers to reboot the device and cause denial of service via a payload hosted by an attacker-controlled web page.