Filtered by vendor Tenda
Subscriptions
Filtered by product Fh303
Subscriptions
Total
1 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2018-25318 | 1 Tenda | 5 A300, A300 Firmware, Fh303 and 2 more | 2026-05-04 | 9.8 Critical |
| Tenda FH303/A300 firmware V5.07.68_EN contains a session weakness vulnerability that allows unauthenticated attackers to modify DNS settings by exploiting insufficient cookie validation. Attackers can send GET requests to the /goform/AdvSetDns endpoint with a crafted admin cookie to change DNS servers and redirect user traffic to malicious sites. | ||||
Page 1 of 1.