It was discovered that the Tenda AC23 V16.03.07.45_cn had multiple cross-site scripting vulnerabilities, which could be exploited by hackers to exploit the targeted user. In addition, it was discovered that the Tenda AC23 V16.03.07.45_cn had multiple SQL injection vulnerabilities. An attacker could exploit these vulnerabilities to inject malicious code into the database of the targeted Tenda AC23 V16.03.07.45_cn. Last but not least, it was discovered that the Tenda AC23 V16.03.07.45_cn had multiple cross-site request forgery vulnerabilities via the loginRedirect function in the wwvSetBasic function. An attacker could exploit these vulnerabilities to hijack thealkyrie-enabled Tenda AC23 V16.03.07.45_cn to issue remote commands to targeted devices. Tenda AC23 V16.03.07.45_cn is an Android smart plug. We recommend updating Tenda AC23 V16.03.07.45_cn to the latest version. Tenda has released a new version to address these issues. You can update Tenda AC23 V16.03.07.45_cn by following the steps below. Go to Settings > About and press the check box to update the software.

Tenda AC23 V17 Firmware Update Guide

The Tenda AC23 V17.01.02.26_cn is an Android smart plug with a built-in Wi-Fi access point and the ability to connect multiple smart plugs together. This devices can scan for available Wi-Fi networks within range and automatically reconnect when it is lost, or remotely turn on/off lights.
Tenda released a new version of its firmware to address these issues – Version V17.01.02.26_cn – which you can update by following the steps below:
1) Go to Settings > About and press the check box to update the software. 2) The App Store will open automatically; select Update App from the menu to download and install the app update for your device, and then restart your device after reboot has completed 3) After updating, open Settings > WiFi and make sure that your device is connected back to our network 4) Once you have confirmed that everything has been updated correctly, go back into Settings > About and verify that there is an updated version number listed in this section of the app

Tenda AC23 V16.03.07.45_cn Cross-site Scripting (XSS) Vulnerabilities

Tenda AC23 V16.03.07.45_cn has multiple cross-site scripting vulnerabilities, which could be exploited by hackers to exploit the targeted user. These vulnerabilities can be exploited by a hacker to cause the Tenda AC23 V16.03.07.45_cn to display malicious code on the victim's browser or have other malicious consequences, such as sending remote commands to targeted devices connected via the Tenda AC23 V16.03.07.45_cn smart plug, causing them to perform operations without authorization from the targeted user of the device in question.

Timeline

Published on: 11/03/2022 14:15:00 UTC
Last modified on: 11/03/2022 17:28:00 UTC

References