Cisco Talos is disclosing this vulnerability after Tenda failed to patch it per Cisco’s 90-day deadline. Read more about the Cisco vulnerability disclosure policy here.
Vulnerability details
Tenda AC9 /goform/WanParameterSetting command injection vulnerability (TALOS-2019-0861/CVE-2019-5071, CVE-2019-5072)An exploitable command injection vulnerability exists in the /goform/WanParameterSetting functionality of Tenda AC9 Router AC1200 Smart Dual-Band Gigabit WiFi Router (AC9V1.0 Firmware V15.03.05.16_multi_TRU). A specially crafted HTTP POST request can cause a command injection, resulting in code execution. An attacker can send a specific HTTP POST request with a command to trigger this vulnerability.
Read the complete vulnerability advisory here for additional information.
Versions tested
Talos tested and confirmed that AC9V1.0, firmware, versions 15.03.05.16_multi_TRU and 15.03.05.14_EN are affected by this vulnerability.Coverage
The following SNORTⓇ rules will detect exploitation attempts. Note that additional rules may be released at a future date and current rules are subject to change pending additional vulnerability information. For the most current rule information, please refer to your Firepower Management Center or Snort.org.Snort Rules: 50782 - 50785
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.