virus logo Intrusion Prevention

Tenda.AC15.AC1900.Authenticated.Remote.Command.Injection

description-logoDescription

This indicates an attack attempt to exploit an Remote Command Injection vulnerability in multiple Tenda AC devices.
The vulnerability is due to insufficient sanitizing of user supplied inputs in the application. An authenticated remote attacker may be able to exploit this to execute arbitrary commands within the context of the application.

affected-products-logoAffected Products

Tenda AC9 AC15 AC1900 with FW v15.03.05.19 and prior
Tenda AC7 with FW v15.03.06.44 and prior
Tenda AC10 with FW v15.03.06.23 and prior
Tenda AC10 with FW v15.03.06.26

Impact logoImpact

System Compromise: Remote attackers can gain control of vulnerable systems.

recomended-action-logoRecommended Actions

Currently we are unaware of any vendor supplied patch or updates available for this issue.

Coverage

IPS (Regular DB)
IPS (Extended DB)

Version Updates

Date Version Status Detail
2020-11-18 16.964
Modified
 Sig Added
2020-09-09 16.920
Modified
 Sig Added
2020-08-10 15.902
Modified
 Default_action:pass:drop
2020-07-29 15.897
Modified
 Sig Added
2020-07-27 15.894
New

References

https://blog.securityevaluators.com/tenda-ac1900-vulnerabilities-discovered-and-exploited-e8e26aa0bc68
ID 49352
Created Jul 16, 2020
Updated Sep 18, 2025
CVE ID
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon black-background-circle-icon lightgray-background-circle-icon
Known Exploited Yes
Exploit Prediction Score 93.82%
Default Action drop
Active
Affected OS Linux
Affected App Other
Profile Type OS Command Injection