CVE Catalog

CVE-2018-25317

Critical
Published: Translated: NVD NIST

Summary

Tenda W3002R/A302/W309R wireless routers version V5.07.64_en contain a cookie session weakness vulnerability that allows unauthenticated attackers to modify DNS settings. Attackers can send GET requests to the /goform/AdvSetDns endpoint with a crafted admin language cookie to change primary and secondary DNS servers.

Risk Assessment

This vulnerability poses a risk of redirecting user traffic to malicious DNS servers, potentially leading to data theft or malware. Organizations should be aware of the potential threats associated with unauthorized access to network settings.

Recommendation

It is recommended to update the router firmware to the latest version to mitigate this vulnerability. Additionally, implementing further security measures such as strong authentication and network traffic monitoring is advisable.

Original NVD description (English source)

Tenda W3002R/A302/W309R wireless routers version V5.07.64_en contain a cookie session weakness vulnerability that allows unauthenticated attackers to modify DNS settings by exploiting insufficient session validation. Attackers can send GET requests to the /goform/AdvSetDns endpoint with a crafted admin language cookie to change primary and secondary DNS servers, redirecting user traffic to malicious DNS servers.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS