CVE-2018-25316 | Tenda W308R v2 5.07.48 DNS Setting Endpoint /goform/AdvSetDns authentication spoofing (Exploit 44373 / EDB-44373)

Inserito da Angelo Barbosa | Apr 30, 2026 | CVE

A vulnerability categorized as critical has been discovered in Tenda W308R v2 5.07.48. Affected by this vulnerability is an unknown functionality of the file /goform/AdvSetDns of the component DNS Setting Endpoint. The manipulation results in authentication bypass by spoofing.

This vulnerability was named CVE-2018-25316. The attack may be performed from remote. In addition, an exploit is available.

CVE-2018-25316 | Tenda W308R v2 5.07.48 DNS Setting Endpoint /goform/AdvSetDns authentication spoofing (Exploit 44373 / EDB-44373)

Post correlati

CVE-2024-13499 | GamiPress Plugin up to 7.2.1 on WordPress Shortcode gamipress_do_shortcode code injection

CVE-2024-4698 | Testimonial Carousel for Elementor Plugin up to 10.1.1 on WordPress cross site scripting

CVE-2026-3090 | saadiqbal Post SMTP Plugin up to 3.8.0 on WordPress event_type cross site scripting

CVE-2024-4669 | Events Addon for Elementor Plugin up to 2.1.4 on WordPress Widgets cross site scripting