Lucene search
K

5 matches found

OSV
OSV
added 2025/11/12 3:15 p.m.3 views

CVE-2025-63666

Tenda AC15 v15.03.05.18multi issues an authentication cookie that exposes the account password hash to the client and uses a short, low-entropy suffix as the session identifier. An attacker with network access or the ability to run JS in a victim browser can steal the cookie and replay it to acce...

9.8CVSS5.8AI score0.00471EPSS
Exploits1References1
Cvelist
Cvelist
added 2025/11/12 12:0 a.m.12 views

CVE-2025-63666

Tenda AC15 v15.03.05.18multi issues an authentication cookie that exposes the account password hash to the client and uses a short, low-entropy suffix as the session identifier. An attacker with network access or the ability to run JS in a victim browser can steal the cookie and replay it to acce...

0.00471EPSS
Exploits1References1
CNNVD
CNNVD
added 2025/11/12 12:0 a.m.5 views

Tenda AC15 安全漏洞

Tenda AC15 is a wireless router from Tenda China. A security vulnerability exists in Tenda AC15 version v15.03.05.18multi, which stems from an authentication cookie that exposes a password hash and uses a low entropy session identifier, which could lead to session hijacking...

9.8CVSS7AI score0.00471EPSS
Exploits1References3
CVE
CVE
added 2025/11/12 12:0 a.m.23 views

CVE-2025-63666

CVE-2025-63666 affects Tenda AC15 v15.03.05.18_multi. The flaw is that an authentication cookie exposes the account password hash to the client and uses a short, low-entropy session identifier. An attacker with network access or the ability to run JavaScript in a victim’s browser can steal the co...

9.8CVSS7AI score0.00471EPSS
Exploits1References1Affected Software1
EUVD
EUVD
added 2025/10/03 8:7 p.m.14 views

EUVD-2025-32191

Malicious code in bioql PyPI...

7.5CVSS6.6AI score0.00502EPSS
Exploits1References3
Rows per page
Query Builder