Vulnerabilities

Report: CVE-2018-25316 - Tenda W308R v2 V5.07.48 Cookie Session Weakness DNS Change - Analysis

2026-04-29 0 views admin

CVE ID :CVE-2018-25316 Published : April 29, 2026, 8:16 p.m. | 48 minutes ago Description :Tenda W308R v2 V5.07.48 contains a cookie session weakness vulnerability that allows unauthenticated attackers to modify DNS settings by exploiting insufficient session validation. Attackers can send GET requests to the goform/AdvSetDns endpoint with a crafted admin language cookie to change DNS servers and redirect user traffic to malicious sites. Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVE Details

CVE ID

CVE-2018-25316

Severity

CRITICAL

Published

April 29, 2026

🏷️ Tags

report25316tendaw308rcookiesessionweaknesschangeanalysiscve

InfinitSec - Latest Cybersecurity, Technology & Gaming News

Report: CVE-2018-25316 - Tenda W308R v2 V5.07.48 Cookie Session Weakness DNS Change - Analysis

CVE Details

🏷️ Tags

More from Vulnerabilities

Report: Complete Guide to CVE-2018-25312 - LifeSize ClearSea 3.1.4 Directory Traversal Remote Code Execution

Report: CVE-2018-25311 - VideoFlow Digital Video Protection DVP 10 Authenticated Directory Traversal 2.10... (2026)

Report: CVE-2018-25310 - VideoFlow Digital Video Protection DVP 10 Authenticated Remote Code Execution

Report: CVE-2018-25309 - MyBB Recent threads 17.0 Persistent Cross-Site Scripting (2026)

Trending

CVE-2025-61481: Critical Remote Code Execution Vulnerability in MikroTik RouterOS & SwitchOS

CVE-2025-43939: Dell Unity OS Command Injection (High)

Google disputes false claims of massive Gmail data breach

Microsoft: DNS outage impacts Azure and Microsoft 365 services

3.5B Accounts, 1 Critical Flaw: Meta Closes WhatsApp Data-Harvesting