CVE Catalog

CVE-2018-25316

Critical
Published: Translated: NVD NIST

Summary

Tenda W308R v2 version V5.07.48 contains a cookie session weakness vulnerability that allows unauthenticated attackers to modify DNS settings by exploiting insufficient session validation. Attackers can send GET requests to the goform/AdvSetDns endpoint with a crafted admin language cookie to change DNS servers and redirect user traffic to malicious sites.

Risk Assessment

This vulnerability poses a risk of redirecting user traffic to malicious sites, potentially leading to data theft or malware infection. Organizations should be aware of the potential threats associated with unauthorized access to DNS settings.

Recommendation

It is recommended to update the device firmware to the latest version to mitigate this vulnerability and implement additional security measures such as stronger session authentication. Network traffic should also be monitored for unauthorized changes to DNS settings.

Original NVD description (English source)

Tenda W308R v2 V5.07.48 contains a cookie session weakness vulnerability that allows unauthenticated attackers to modify DNS settings by exploiting insufficient session validation. Attackers can send GET requests to the goform/AdvSetDns endpoint with a crafted admin language cookie to change DNS servers and redirect user traffic to malicious sites.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS