CSRF Vulnerability in Tenda AC15 AC1900 Version 15.03.05.19

CSRF Vulnerability in Tenda AC15 AC1900 Version 15.03.05.19

CVE-2020-10986 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

A CSRF issue in the /goform/SysToolReboot endpoint of Tenda AC15 AC1900 version 15.03.05.19 allows remote attackers to reboot the device and cause denial of service via a payload hosted by an attacker-controlled web page.

Learn more about our Web App Pen Testing.