CVE Tracker

CVE ID	Severity	EPSS	Vendor	Description	Date	Status
CVE-2020-10987	High	93.6%	TendaAC1900 Router AC15 Model	Tenda AC1900 Router AC15 Model contains an unspecified vulnerability that allows remote attackers to execute system commands via the deviceName POST parameter.	Nov 3, 2021	KEV
CVE-2021-31755	High	94.3%	TendaAC11 Router	Tenda AC11 devices contain a stack buffer overflow vulnerability in /goform/setmac which allows attackers to execute code via a crafted post request.	Nov 3, 2021	KEV
CVE-2018-14558	High	77.3%	TendaAC7, AC9, and AC10 Routers	Tenda AC7, AC9, and AC10 devices contain a command injection vulnerability due to the "formsetUsbUnload" function executes a dosystemCmd function with untrusted input. Successful exploitation allows an attacker to execute OS commands via a crafted goform/setUsbUnload request.	Nov 3, 2021	KEV

CVE-2020-10987KEV

High

Tenda AC1900 Router AC15 Model contains an unspecified vulnerability that allows remote attackers to execute system commands via the deviceName POST parameter.

TendaEPSS 93.6%

CVE-2021-31755KEV

High

Tenda AC11 devices contain a stack buffer overflow vulnerability in /goform/setmac which allows attackers to execute code via a crafted post request.

TendaEPSS 94.3%

CVE-2018-14558KEV

High

Tenda AC7, AC9, and AC10 devices contain a command injection vulnerability due to the "formsetUsbUnload" function executes a dosystemCmd function with untrusted input. Successful exploitation allows an attacker to execute OS commands via a crafted goform/setUsbUnload request.

TendaEPSS 77.3%