There is a debug-interface vulnerability on some Tenda routers (FH1202/F1202/F1200: versions before 1.2.0.20). After connecting locally to a router in a wired or wireless manner, one can bypass intended access restrictions by sending shell commands directly and reading their results, or by entering shell commands that change this router's username and password.
References
Link | Resource |
---|---|
http://www.tendacn.com/en/2017.html | Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2022-10-03T16:23:07
Updated: 2022-10-03T16:23:07
Reserved: 2022-10-03T00:00:00
Link: CVE-2017-9138
JSON object: View
NVD Information
Status : Analyzed
Published: 2017-05-21T22:29:00.180
Modified: 2017-06-02T18:59:45.177
Link: CVE-2017-9138
JSON object: View
Redhat Information
No data.
CWE