Tenda AC9
0 remedies
cpe:2.3:h:tenda:ac9:*:*:*:*:*:*:*, +1 more
0 remedies
- 15.03.02.13
Tenda AC9 Cross-Site Request Forgery Vulnerability
Vulnerability
A cross-site request forgery (CSRF) vulnerability has been identified in the Tenda AC9 router running firmware version 15.03.02.13. This vulnerability allows remote attackers to manipulate the device by sending unauthorized requests, potentially leading to actions such as rebooting the router, which could cause a denial-of-service condition.
Impact
Exploitation of this vulnerability allows for cross-site request forgery, where an attacker can perform actions on behalf of a user without their consent. In this case, it could be used to reboot the device, causing a denial-of-service disruption.
Reproduction
The vulnerability can be reproduced by sending a crafted request to the Tenda AC9 router's firmware version 15.03.02.13. This request must be made in a way that the router believes it is a legitimate request from the user. Once the request is received, the router will perform the action specified in the request, such as rebooting the device.
Added: Sep 1, 2025, 7:22 PM
Updated: Sep 1, 2025, 7:22 PM
Vulnerability Rating
Custom Algorithm
spread
0.3impact
3.1exploitability
7.4remediation
0.0relevance
0.2threat
6.4urgency
2.9incentive
0.8Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.