cecada/Tenda-AC6-Root-Acces

cecada/Tenda-AC6-Root-Acces

Releases0

Stars17

A vuln existss in Tenda AC6 router which allows an attacker to launch a telnet session with root access.

Log in to subscribe

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2020-28095 ↗	Dec 30, 2020Wednesday, 30 December 2020, 21:15	7.5 HIGH	7.8 HIGH
On Tenda AC1200 (Model AC6) 15.03.06.51_multi devices, a large HTTP POST request sent to the change password API will trigger the router to crash and enter an infinite boot loop.
CVE-2020-28093 ↗	Dec 28, 2020Monday, 28 December 2020, 07:15	7.2 HIGH	6.5 MEDIUM
On Tenda AC1200 (Model AC6) 15.03.06.51_multi devices, admin, support, user, and nobody have a password of 1234.
CVE-2020-28094 ↗	Dec 28, 2020Monday, 28 December 2020, 07:15	7.5 HIGH	5 MEDIUM
On Tenda AC1200 (Model AC6) 15.03.06.51_multi devices, the default settings for the router speed test contain links to download malware named elive or CNKI E-Learning.