5 matches found
CVE-2025-63666
Tenda AC15 v15.03.05.18multi issues an authentication cookie that exposes the account password hash to the client and uses a short, low-entropy suffix as the session identifier. An attacker with network access or the ability to run JS in a victim browser can steal the cookie and replay it to acce...
CVE-2025-63666
Tenda AC15 v15.03.05.18multi issues an authentication cookie that exposes the account password hash to the client and uses a short, low-entropy suffix as the session identifier. An attacker with network access or the ability to run JS in a victim browser can steal the cookie and replay it to acce...
Tenda AC15 安全漏洞
Tenda AC15 is a wireless router from Tenda China. A security vulnerability exists in Tenda AC15 version v15.03.05.18multi, which stems from an authentication cookie that exposes a password hash and uses a low entropy session identifier, which could lead to session hijacking...
CVE-2025-63666
CVE-2025-63666 affects Tenda AC15 v15.03.05.18_multi. The flaw is that an authentication cookie exposes the account password hash to the client and uses a short, low-entropy session identifier. An attacker with network access or the ability to run JavaScript in a victim’s browser can steal the co...
EUVD-2025-32191
Malicious code in bioql PyPI...