W308R

CVEs (1)

• CVE-2018-25316CriApr 29, 2026
  Tenda

  W308R
  risk 0.64cvss 9.8epss 0.01

  Tenda W308R v2 V5.07.48 contains a cookie session weakness vulnerability that allows unauthenticated attackers to modify DNS settings by exploiting insufficient session validation. Attackers can send GET requests to the goform/AdvSetDns endpoint with a crafted admin language…