Tag
critical
advisory
Tenda W308R DNS Hijacking Vulnerability (CVE-2018-25316)
2 rules 1 TTP 1 CVETenda W308R v2 V5.07.48 is vulnerable to cookie session weakness, allowing unauthenticated attackers to modify DNS settings via crafted GET requests to redirect user traffic to malicious sites.
W308R v2
cve-2018-25316
dns-hijacking
tenda
cookie-injection
2r
1t
1c
critical
advisory
Tenda Router DNS Hijacking via Cookie Session Weakness
2 rules 1 TTP 1 CVETenda W3002R/A302/W309R routers with firmware V5.07.64_en are vulnerable to unauthenticated DNS hijacking, where attackers exploit a cookie session weakness to modify DNS settings via crafted GET requests.
W3002R/A302/W309R wireless routers
cve-2018-25317
dns-hijacking
router-vulnerability
2r
1t
1c
critical
advisory
Tenda FH303/A300 DNS Hijacking Vulnerability (CVE-2018-25318)
2 rules 1 TTP 1 CVETenda FH303/A300 firmware V5.07.68_EN contains a session weakness vulnerability (CVE-2018-25318) that allows unauthenticated attackers to modify DNS settings by exploiting insufficient cookie validation, potentially redirecting user traffic to malicious sites.
FH303/A300 firmware
cve-2018-25318
tenda
dns-hijacking
network
2r
1t
1c