CVE-2018-25317— Tenda W3002R/A302/W309R V5.07.64_en Cookie Session Weakness DNS Change
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2018-25317
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Tenda W3002R/A302/W309R V5.07.64_en Cookie Session Weakness DNS Change
Source: NVD (National Vulnerability Database)
Vulnerability Description
Tenda W3002R/A302/W309R wireless routers version V5.07.64_en contain a cookie session weakness vulnerability that allows unauthenticated attackers to modify DNS settings by exploiting insufficient session validation. Attackers can send GET requests to the /goform/AdvSetDns endpoint with a crafted admin language cookie to change primary and secondary DNS servers, redirecting user traffic to malicious DNS servers.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Source: NVD (National Vulnerability Database)
Vulnerability Type
使用欺骗进行的认证绕过
Source: NVD (National Vulnerability Database)
Vulnerability Title
Tenda W3002R 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Tenda W3002R是中国腾达(Tenda)公司的一款无线路由器。 Tenda W3002R存在安全漏洞,该漏洞源于Cookie会话弱点,可能导致未经身份验证的攻击者通过利用会话验证不足修改DNS设置,向/goform/AdvSetDns端点发送带有特制admin语言cookie的GET请求以更改主DNS和辅助DNS服务器,将用户流量重定向到恶意DNS服务器。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Shenlong Deep Dive — AI Deep Analysis
10-question deep dive: root cause, exploitation, mitigation, urgency. Read summary free, full version requires login.
Affected Products
II. Public POCs for CVE-2018-25317
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2018-25317
请登录查看更多情报信息。
Same Patch Batch · Tenda · 2026-04-29 · 3 CVEs total
| CVE-2018-25318 | 9.8 CRITICAL | Tenda FH303/A300 V5.07.68_EN Cookie Session Weakness DNS Change |
| CVE-2018-25316 | 9.8 CRITICAL | Tenda W308R v2 V5.07.48 Cookie Session Weakness DNS Change |
IV. Related Vulnerabilities
Same vendor: Tenda
- CVE-2026-8265
Tenda AC6 httpd getLogFile get_log_file os command injection - CVE-2026-8264
Tenda AC6 httpd WifiApScan formWifiApScan os command injecti - CVE-2026-8263
Tenda AC6 httpd WifiExtraSet fromSetWirelessRepeat os comman - CVE-2026-8259
Tenda AC6 httpd telnet os command injection - CVE-2026-8138
Tenda CX12L SetPptpServerCfg” formSetPPTPServer stack-based
Same weakness: CWE-290
- CVE-2021-47923
OpenCart 3.0.3.8 Session Fixation via OCSESSID Cookie - CVE-2026-42354
Sentry: Improper authentication on SAML SSO process allows u - CVE-2026-44118
OpenClaw < 2026.4.22 - Owner Context Spoofing via Bearer Tok - CVE-2026-39858
Traefik: Forwarded alias spoofing top pre-auth decision bypa - CVE-2018-25318
Tenda FH303/A300 V5.07.68_EN Cookie Session Weakness DNS Cha
V. Comments for CVE-2018-25317
No comments yet