⚠ Actively exploited
Added to CISA KEV on 2021-11-03. Federal agencies required to patch by 2022-05-03. Required action: Apply updates per vendor instructions..

CVE-2020-10987OS Command Injection in Ac15 Firmware

CWE-78OS Command InjectionCWE-74Injection8 documents7 sources
Severity
9.8CRITICALNVD
EPSS
93.9%
top 0.12%
CISA KEV
KEV
Added 2021-11-03
Due 2022-05-03
Exploit
Exploited in wild
Active exploitation observed
Affected products
1
Tenda Ac15 Firmware
Timeline
PublishedJul 13
KEV addedNov 3
KEV dueMay 3
Latest updateMay 24
CISA Required Action: Apply updates per vendor instructions.

Description

The goform/setUsbUnload endpoint of Tenda AC15 AC1900 version 15.03.05.19 allows remote attackers to execute arbitrary system commands via the deviceName POST parameter.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

Affected Packages1 packages

NVDtenda/ac15_firmware15.03.05.19

🔴Vulnerability Details

3
GHSA
GHSA-r3xc-9hm9-gf29: The goform/setUsbUnload endpoint of Tenda AC15 AC1900 version 152022-05-24
CVEList
CVE-2020-10987: The goform/setUsbUnload endpoint of Tenda AC15 AC1900 version 152020-07-13
VulnCheck
Tenda AC1900 Router AC15 Model Remote Code Execution Vulnerability2020

💥Exploits & PoCs

1
Nuclei
Tenda AC15 AC1900 version 15.03.05.19 - Command Injection

🔍Detection Rules

2
Suricata
ET EXPLOIT Possible Tenda OS Command Injection (CVE-2020-10987) (POST)2021-11-17
Suricata
ET EXPLOIT Tenda OS Command Injection (CVE-2020-10987) (GET)2021-11-17

📋Vendor Advisories

1
CISA
Tenda AC1900 Router AC15 Model Remote Code Execution Vulnerability2021-11-03
CVE-2020-10987 — OS Command Injection in Tenda | cvebase