VYPR

A300 Firmware

by Tenda

CVEs (1)

  • CVE-2018-25318CriApr 29, 2026
    risk 0.64cvss 9.8epss 0.01

    Tenda FH303/A300 firmware V5.07.68_EN contains a session weakness vulnerability that allows unauthenticated attackers to modify DNS settings by exploiting insufficient cookie validation. Attackers can send GET requests to the /goform/AdvSetDns endpoint with a crafted admin…