CVE-2020-10986: CSRF
First published: Mon Jul 13 2020(Updated: )
A CSRF issue in the /goform/SysToolReboot endpoint of Tenda AC15 AC1900 version 15.03.05.19 allows remote attackers to reboot the device and cause denial of service via a payload hosted by an attacker-controlled web page.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Tenda ac15 firmware | =15.03.05.19 | |
| Tenda AC15 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID of Tenda AC15 AC1900?
The vulnerability ID of Tenda AC15 AC1900 is CVE-2020-10986.
What is the severity level of CVE-2020-10986?
The severity level of CVE-2020-10986 is high (6.5).
How does CVE-2020-10986 affect Tenda AC15 AC1900 version 15.03.05.19?
CVE-2020-10986 allows remote attackers to reboot the device and cause denial of service via a payload hosted by an attacker-controlled web page.
Is Tenda AC15 AC1900 version 15.03.05.19 vulnerable to CVE-2020-10986?
Yes, Tenda AC15 AC1900 version 15.03.05.19 is vulnerable to CVE-2020-10986.
How can I mitigate the CSRF issue in Tenda AC15 AC1900 version 15.03.05.19?
To mitigate the CSRF issue, update the firmware of Tenda AC15 AC1900 to a version that addresses the vulnerability.
- collector/nvd-index
- agent/references
- agent/severity
- agent/author
- agent/weakness
- agent/type
- agent/tags
- agent/event
- agent/description
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- vendor/tenda
- canonical/tenda ac15 firmware
- version/tenda ac15 firmware/15.03.05.19
- canonical/tenda ac15