Tenda N300 Authentication Bypass via Malformed HTTP Request Header
Dec 31, 2020
CVE: CVE-2020–35391
CVSS Score: 9.6, (AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)
Affected Vendors: Tenda and other rebranded products
Affected Products: N300/N301 Router
Additional Details: Tenda Malformed HTTP Request Header Processing Vulnerability
Disclosure Timeline:
Disclosure to US-CERT — 2020–09–11
Disclosure to Tenda — 2020–23–11
Publication — 2020–31–12
