This is a summary of the AI-generated 10-question deep analysis. The full version (longer answers, follow-up Q&A, related CVEs) requires login. Read the full analysis β
Q1What is this vulnerability? (Essence + Consequences)
π¨ **Essence**: A critical session weakness in Tenda routers. π **Consequences**: Attackers can hijack sessions to modify DNS settings without permission.β¦
π‘οΈ **Root Cause**: **CWE-290** (Authentication Bypass via Spoofing). The flaw lies in **insufficient cookie validation**. The router fails to verify session integrity properly, allowing session hijacking.
Q3Who is affected? (Versions/Components)
π¦ **Affected**: **Tenda FH303** and **Tenda A300**. π·οΈ **Version**: Specifically **V5.07.68_EN**. These are wireless routers from the Chinese vendor Tenda.
Q4What can hackers do? (Privileges/Data)
π **Attacker Actions**: Unauthenticated actors can change **DNS settings**. This allows them to redirect traffic, perform Man-in-the-Middle attacks, or disrupt network access.β¦
π **Threshold**: **LOW**. No authentication (PR:N) is required. No user interaction (UI:N) is needed. Exploitation is remote (AV:N) and easy (AC:L).
Q6Is there a public Exp? (PoC/Wild Exploitation)
π₯ **Exploit Status**: **YES**. Public exploits exist. See **ExploitDB #44381** and **VulnCheck Advisory**. Wild exploitation is possible for those with this knowledge.
Q7How to self-check? (Features/Scanning)
π **Self-Check**: Scan for Tenda FH303/A300 devices running firmware **V5.07.68_EN**. Look for weak cookie handling in web interfaces. Use vulnerability scanners targeting CVE-2018-25318.
π§ **No Patch Workaround**: If unpatched, **isolate** the device. Disable remote management. Monitor DNS changes closely. Consider replacing the router if updates are unavailable.
Q10Is it urgent? (Priority Suggestion)
β‘ **Urgency**: **CRITICAL**. CVSS 9.1 (High). Zero-auth required. Public exploits available. Immediate patching or mitigation is essential to prevent DNS hijacking.