CVE-2018-25317 | Tenda W3002R/A302/W309R 5.07.64_en /goform/AdvSetDns authentication spoofing (Exploit 44380 / EDB-44380)

Inserito da Angelo Barbosa | Apr 30, 2026 | CVE

A vulnerability identified as critical has been detected in Tenda W3002R, A302 and W309R 5.07.64_en. Affected by this issue is some unknown functionality of the file /goform/AdvSetDns. This manipulation causes authentication bypass by spoofing.

The identification of this vulnerability is CVE-2018-25317. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

CVE-2018-25317 | Tenda W3002R/A302/W309R 5.07.64_en /goform/AdvSetDns authentication spoofing (Exploit 44380 / EDB-44380)

Post correlati

CVE-2026-5690 | Totolink A7100RU 7.4cu.2313_b20191024 /cgi-bin/cstecgi.cgi setRemoteCfg enable os command injection

CVE-2025-5322 | e4jvikwp VikRentCar Car Rental Management System Plugin up to 1.4.3 on WordPress do_updatecar unrestricted upload

CVE-2024-12500 | Philantro Plugin up to 5.2 on WordPress cross site scripting

CVE-2024-8945 | CodeCanyon RISE Ultimate Project Manager 3.7.0 save id sql injection