17 matches found
CVE-2018-25318
Tenda FH303/A300 firmware V5.07.68EN contains a session weakness vulnerability that allows unauthenticated attackers to modify DNS settings by exploiting insufficient cookie validation. Attackers can send GET requests to the /goform/AdvSetDns endpoint with a crafted admin cookie to change DNS...
CVE-2018-25318
CVE-2018-25318 affects Tenda FH303/A300 firmware V5.07.68_EN. The issue is a session weakness that lets unauthenticated attackers modify DNS settings by exploiting insufficient cookie validation. Attackers can issue GET requests to /goform/AdvSetDns with a crafted admin cookie to change DNS serve...
CVE-2018-25318 Tenda FH303/A300 V5.07.68_EN Cookie Session Weakness DNS Change
Tenda FH303/A300 firmware V5.07.68EN contains a session weakness vulnerability that allows unauthenticated attackers to modify DNS settings by exploiting insufficient cookie validation. Attackers can send GET requests to the /goform/AdvSetDns endpoint with a crafted admin cookie to change DNS...
EUVD-2018-21839
Tenda FH303/A300 firmware V5.07.68EN contains a session weakness vulnerability that allows unauthenticated attackers to modify DNS settings by exploiting insufficient cookie validation. Attackers can send GET requests to the /goform/AdvSetDns endpoint with a crafted admin cookie to change DNS...
CVE-2018-25317
The CVE-2018-25317 issue affects Tenda W3002R/A302/W309R routers (V5.07.64_en). It describes a cookie session weakness that lets unauthenticated attackers modify DNS settings by abusing insufficient session validation. An attacker can issue GET requests to the /goform/AdvSetDns endpoint using a c...
CVE-2018-25317 Tenda W3002R/A302/W309R V5.07.64_en Cookie Session Weakness DNS Change
Tenda W3002R/A302/W309R wireless routers version V5.07.64en contain a cookie session weakness vulnerability that allows unauthenticated attackers to modify DNS settings by exploiting insufficient session validation. Attackers can send GET requests to the /goform/AdvSetDns endpoint with a crafted...
CVE-2018-25316
CVE-2018-25316 affects Tenda W308R v2 (firmware V5.07.48). The issue is a cookie session weakness where insufficient session validation allows unauthenticated attackers to modify DNS settings via the goform/AdvSetDns endpoint by sending a crafted admin language cookie, enabling DNS changes that r...
CVE-2018-25316 Tenda W308R v2 V5.07.48 Cookie Session Weakness DNS Change
Tenda W308R v2 V5.07.48 contains a cookie session weakness vulnerability that allows unauthenticated attackers to modify DNS settings by exploiting insufficient session validation. Attackers can send GET requests to the goform/AdvSetDns endpoint with a crafted admin language cookie to change DNS...
CVE-2018-25316 Tenda W308R v2 V5.07.48 Cookie Session Weakness DNS Change
Tenda W308R v2 V5.07.48 contains a cookie session weakness vulnerability that allows unauthenticated attackers to modify DNS settings by exploiting insufficient session validation. Attackers can send GET requests to the goform/AdvSetDns endpoint with a crafted admin language cookie to change DNS...
PT-2026-35999
Tenda W308R v2 V5.07.48 contains a cookie session weakness vulnerability that allows unauthenticated attackers to modify DNS settings by exploiting insufficient session validation. Attackers can send GET requests to the goform/AdvSetDns endpoint with a crafted admin language cookie to change DNS...
PT-2026-36001
Tenda FH303/A300 firmware V5.07.68 EN contains a session weakness vulnerability that allows unauthenticated attackers to modify DNS settings by exploiting insufficient cookie validation. Attackers can send GET requests to the /goform/AdvSetDns endpoint with a crafted admin cookie to change DNS...
Tenda W3002R/A302/w309r Wireless Router 5.07.64_en DNS Changer
Tenda W3002R/A302/w309r Wireless Router V5.07.64en Cookie Session Weakness Remote DNS Change PoC Copyright 2018 c Todor Donev https://ethical-hacker.org/ https://facebook.com/ethicalhackerorg Once modified, systems use foreign DNS servers, which are usually set up by cybercriminals. Users with...
Tenda W3002R/A302/w309r Wireless Router v5.07.64_en - Remote DNS Change (PoC)
Tenda W3002R/A302/w309r Wireless Router V5.07.64en Cookie Session Weakness Remote DNS Change PoC Copyright 2018 c Todor Donev https://ethical-hacker.org/ https://facebook.com/ethicalhackerorg Once modified, systems use foreign DNS servers, which are usually set up by cybercriminals. Users with...
Tenda N11 Wireless Router 5.07.43_en_NEX01 - Remote DNS Change
Tenda N11 Wireless Router 5.07.43enNEX01 - Remote DNS Change !/bin/bash Tenda N11 Wireless Router V5.07.43enNEX01 Cookie Session Weakness Remote DNS Change PoC Exploit Copyright 2018 c Todor Donev https://ethical-hacker.org/ https://facebook.com/ethicalhackerorg Once modified, systems use foreign...
Tenda N11 Wireless Router 5.07.43_en_NEX01 - Remote DNS Change
!/bin/bash Tenda N11 Wireless Router V5.07.43enNEX01 Cookie Session Weakness Remote DNS Change PoC Exploit Copyright 2018 c Todor Donev https://ethical-hacker.org/ https://facebook.com/ethicalhackerorg Once modified, systems use foreign DNS servers, which are usually set up by cybercriminals. Use...
CVE-2018-7445
A buffer overflow was found in the MikroTik RouterOS SMB service when processing NetBIOS session request messages. Remote attackers with access to the service can exploit this vulnerability and gain code execution on the system. The overflow occurs before authentication takes place, so it is...
Ximian Evolution < 1.1.1 camel Component Man-in-the-Middle SSL Session Weakness
Binary data 1306.prm...