PT-2020-16925 · Tenda · Tenda Ac1200

Published

2020-12-28

Updated

2020-12-30

CVE-2020-28094

CVSS v3.1

7.5

High

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions Tenda AC1200 (Model AC6) version 15.03.06.51 multi

Description The default settings for the router speed test on the affected device contain links to download malware named elive or CNKI E-Learning.

Recommendations For Tenda AC1200 (Model AC6) version 15.03.06.51 multi, consider changing the default settings for the router speed test to avoid links to malware downloads. As a temporary workaround, restrict access to the speed test feature until a fix is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2020-28094

Affected Products

Tenda Ac1200

PT-2020-16925 · Tenda · Tenda Ac1200

CVE-2020-28094

Related Identifiers

Affected Products

References · 5