Tag
critical
advisory
Tenda Router DNS Hijacking via Cookie Session Weakness
2 rules 1 TTP 1 CVETenda W3002R/A302/W309R routers with firmware V5.07.64_en are vulnerable to unauthenticated DNS hijacking, where attackers exploit a cookie session weakness to modify DNS settings via crafted GET requests.
W3002R/A302/W309R wireless routers
cve-2018-25317
dns-hijacking
router-vulnerability
2r
1t
1c
critical
advisory
Totolink A8000RU Command Injection Vulnerability (CVE-2026-7244)
3 rules 1 TTP 1 CVEA critical OS command injection vulnerability (CVE-2026-7244) exists in the setWiFiEasyGuestCfg function of the /cgi-bin/cstecgi.cgi file in Totolink A8000RU version 7.1cu.643_b20200521, allowing remote attackers to execute arbitrary commands.
A8000RU
command injection
router vulnerability
cve-2026-7244
3r
1t
1c